CNNVD-202507-3619 Information

CNNVD ID

CNNVD-202507-3619

Related CVE

CVE-2025-44136

• CNNVD Published: 2025-07-29

Description (Chinese)

TileServer PHP是MapTiler开源的一个文件夹托管软件。 TileServer PHP v2.0版本存在安全漏洞，该漏洞源于layer参数未经过HTML编码，可能导致跨站脚本攻击。

Description (English)

TileServer PHP is a folder hosting software for MapTiler Open Source. There is a security loophole in TileServer PHP v2.0, which stems from the fact that the gamer parameter is not coded by HTML, which may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

MapTiler

Published

2025-07-29

Last Modified

2026-02-24

References

https://github.com/mheranco/CVE-2025-44136 https://github.com/maptiler/tileserver-php/issues/167 https://access.redhat.com/security/cve/cve-2025-44136