Vulnerability in TileServer GL (xss)

[SaleSlave]

Hello,
Found XSS vulnerability in TileServer GL (Vector data url)

Tested on 4.4.10
http://address:8089/data/v3/?key=%27-alert(1)-%27

and 3.1.1
http://address:8083/data/malaysia-vector/?key='-alert(1)-'

Do you already know about it ?

CVE-2024-35627
Affected version <=4.4.10
Its recommended to update to latest version

[acalcutt]

I think this was fixed by #535 in https://github.com/maptiler/tileserver-gl/releases/tag/v4.4.2

If I test with my own server running v4.11.0 it has no effect
https://tiles.wifidb.net/data/openmaptiles/?key=%27-alert(1)-%27#0.51/0/0

Are you sure your test wasn't running 4.4.1 instead of 4.4.10? Either way, this should be fixed in the current release.

_

[SaleSlave]

tested v4.11.0, its not affected.
Yes, it was 4.4.10

UPD It has to be vector data url