CVE-2025-44136 - MapTiler Tileserver-php XSS

CVE ID : CVE-2025-44136
Published : July 29, 2025, 5:15 p.m. | 1 hour, 49 minutes ago
Description : MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting (XSS). The GET parameter "layer" is reflected in an error message without html encoding. This leads to XSS and allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code on a victim's browser.
Severity: 9.8 | CRITICAL

Post a Comment

Please Select Embedded Mode To Show The Comment System.*

Previous Post Next Post