CVE-2025-44136
BaseFortify

Publication date: 2025-07-29

Last updated on: 2025-08-06

Assigner: MITRE

Description
MapTiler Tileserver-php v2.0 is vulnerable to Cross-Site Scripting (XSS). The GET parameter "layer" is reflected in an error message without HTML encoding. This leads to XSS and allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code in a victim's browser.
Meta Information
Published: 2025-07-29
Last Modified: 2025-08-06
Generated: 2026-05-27
AI Q&A: 2025-07-29
EPSS Evaluated: 2026-05-25
References: NVD, EUVD
Affected Vendors & Products
Showing 1 associated CPE
Vendor: maptiler
Product: tileserver_php
Version / Range: 2.0
Exploitability
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-44136 is a Cross-Site Scripting (XSS) vulnerability in MapTiler Tileserver-php version 2.0. It occurs because the GET parameter "layer" is reflected in an error message without proper HTML encoding or sanitization. This allows an unauthenticated attacker to inject and execute arbitrary HTML or JavaScript code in the victim's browser when they access a specially crafted URL. [1]


How can this vulnerability impact me?

This vulnerability can impact you by allowing attackers to execute arbitrary scripts in the browsers of users who visit a maliciously crafted URL on your MapTiler Tileserver-php v2.0 instance. This can lead to theft of sensitive information such as cookies or session tokens, defacement of web content, or redirection to malicious sites, all without requiring any authentication. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by sending a crafted HTTP GET request to the tileserver.php endpoint with the 'layer' parameter containing a test script payload to check for XSS. For example, use a command like: curl "http://host/tileserver.php/wmts/x/1/1/asd?Request=x&layer=<svg onload=alert(document.domain)>" and observe if the response includes the injected script without proper encoding, indicating the presence of the vulnerability. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include applying proper HTML encoding or sanitization to the 'layer' GET parameter in the tileserver.php code to prevent script injection. Until a patch is available, restrict access to the vulnerable endpoint, implement web application firewall (WAF) rules to block malicious payloads targeting the 'layer' parameter, and monitor for suspicious requests exploiting this XSS vulnerability. [1]
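The encoding step the answer above recommends, shown as an added PHP illustration. This is not tileserver-php's own code: the handler layout, the function names, the "osm" layer name and the probe string are assumptions. It places the vulnerable reflection pattern (CWE-79) next to two hardened forms, HTML-escaping the value before it enters the page, or leaving the HTML context entirely by answering with JSON.

```php
<?php
// Added illustration for CVE-2025-44136 / CWE-79: reflecting the "layer"
// query parameter into an HTML error message. Hypothetical code, not the
// tileserver-php project's handler; names and messages are invented.

declare(strict_types=1);

/**
 * Vulnerable pattern (shown for contrast only): the raw parameter is
 * concatenated into HTML, so any markup in ?layer=... is parsed by the
 * browser instead of being shown as text.
 */
function renderLayerErrorUnsafe(string $layer): string
{
    return '<p>Error: unknown layer ' . $layer . '</p>';
}

/**
 * Encode a value for an HTML text context. ENT_QUOTES also escapes ' and ",
 * ENT_SUBSTITUTE replaces invalid UTF-8 rather than returning an empty
 * string, and the explicit charset keeps the escaping and the page in sync.
 */
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Hardened pattern: same message, value escaped at the point of output. */
function renderLayerErrorSafe(string $layer): string
{
    return '<p>Error: unknown layer ' . escapeHtml($layer) . '</p>';
}

/**
 * Alternative: answer with a JSON body instead of HTML. A browser does not
 * run script from an application/json document, and the JSON_HEX_* flags
 * additionally encode < > & ' " so the body is safe even if it is later
 * embedded elsewhere.
 */
function renderLayerErrorJson(string $layer): string
{
    return json_encode(
        ['error' => 'unknown layer', 'layer' => $layer],
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
}

if (PHP_SAPI === 'cli') {
    // Constructed sample input standing in for ?layer=<b>probe</b>: benign
    // markup is enough to see whether the reflection is encoded.
    $sample = '<b>probe</b>';
    echo 'unsafe: ', renderLayerErrorUnsafe($sample), PHP_EOL;  // tags survive intact
    echo 'safe:   ', renderLayerErrorSafe($sample), PHP_EOL;    // tags become entities
    echo 'json:   ', renderLayerErrorJson($sample), PHP_EOL;
} else {
    // Web request path: where the hardened helper belongs in a handler.
    $layer = (string) ($_GET['layer'] ?? '');
    if ($layer !== 'osm') {                                   // hypothetical known-layer check
        header('Content-Type: text/html; charset=UTF-8');     // charset must match escapeHtml()
        header('X-Content-Type-Options: nosniff');
        http_response_code(400);
        echo renderLayerErrorSafe($layer), PHP_EOL;
    }
}
```

Run with `php` from the command line to compare the three renderings of the same probe string. The key property is that escaping happens at the output boundary, so the check does not depend on guessing which characters an attacker might send; a WAF rule on the 'layer' parameter, as the answer above suggests, is a stopgap, while the encoding is the fix.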

