Maptiler · Maptiler Tileserver-Php · CVE-2025-44137
**Name of the Vulnerable Software and Affected Versions**
MapTiler Tileserver-php version 2.0
**Description**
MapTiler Tileserver-php version 2.0 contains a directory traversal vulnerability. The `renderTile` function in `tileserver.php` delivers tiles stored as files on the server in response to web requests. The file path it builds accepts "../" sequences, which allows any file on the web server to be read. The affected GET parameters are `TileMatrix`, `TileRow`, `TileCol`, and `Format`.
**Recommendations**
Versions prior to 2.0 are not affected.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
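
One way to watch access logs for the traversal described above, as an added example that is not part of the original advisory or of the MapTiler code: the script flags requests whose `TileMatrix`, `TileRow`, `TileCol` or `Format` value decodes to a `..` path segment. The combined log format, the `/tiles` request path, the sample log lines and the case-insensitive parameter match are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# GET parameters named in the advisory; matched case-insensitively (assumption).
AFFECTED = {"tilematrix", "tilerow", "tilecol", "format"}
REQUEST_RE = re.compile(r'"(?:GET|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample lines (combined log format); path and values are placeholders.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2025:10:00:00 +0000] "GET /tiles?TileMatrix=3&TileRow=2&TileCol=5&Format=png HTTP/1.1" 200 1024',
    '203.0.113.9 - - [01/Jan/2025:10:00:05 +0000] "GET /tiles?TileMatrix=..%2F..%2Fexample&TileRow=2&TileCol=5&Format=txt HTTP/1.1" 200 64',
    '203.0.113.9 - - [01/Jan/2025:10:00:09 +0000] "GET /tiles?TileMatrix=3&TileRow=2&tilecol=%252e%252e%255cx&Format=png HTTP/1.1" 404 0',
]

def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding, e.g. %252e -> %2e -> '.'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def traversal_params(log_line):
    """Return names of affected parameters whose value contains a '..' segment."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    hits = []
    query = urlsplit(match.group(1)).query
    for name, value in parse_qsl(query, keep_blank_values=True):
        if name.lower() not in AFFECTED:
            continue
        # Split on both separators so '..\' is caught as well as '../'.
        segments = re.split(r"[/\\]", fully_decode(value))
        if ".." in segments:
            hits.append(name)
    return hits

def scan(lines):
    """Return (line_number, parameter_names) for every suspicious request."""
    return [(n, hits) for n, line in enumerate(lines, 1) if (hits := traversal_params(line))]

if __name__ == "__main__":
    for n, hits in scan(SAMPLE_LOG):
        print(f"line {n}: traversal sequence in {', '.join(hits)}")
```

A hit with a 200 status and a response size unlike a normal tile is worth checking first.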