CVE-2024-35627

May 22, 2024, 7:15 p.m.

None
No Score

Description

tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /data/v3/?key.

Product(s) Impacted

Product Versions
tileserver-gl
  • ['up to v4.4.10']

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://gist.github.com/SaleSlave/e23d49e7f8eb937784d15c2c2fc34fca

Tags

cve@mitre.org
2024-05-22
CVE-2024-35627

Timeline

Published: May 22, 2024, 7:15 p.m.
Last Modified: May 22, 2024, 7:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.