2020-07-01 22:14:44
mitre
PUBLISHED
An issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected unsanitized in an HTTP response for the applications main page, causing reflected XSS.