Page 2 of 11 results (0.011 seconds)

CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.3 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user's browser when viewed in the WMS GetMap OpenLayers Output Format. Access to the WMS OpenLayers Format is available to all users by default although data and service security may limit users' ability to trigger the XSS. Versions 2.23.3 and 2.24.1 contain a patch for this issue. GeoServer es un servidor de software de código abierto escrito en Java que permite a los usuarios compartir y editar datos geoespaciales. • https://github.com/geoserver/geoserver/commit/4557a832eed19ec18b9753cb97e8aa85269741d2 https://github.com/geoserver/geoserver/commit/a26c32a469ee4c599236380452ffb4260361bd6f https://github.com/geoserver/geoserver/pull/7174 https://github.com/geoserver/geoserver/security/advisories/GHSA-fcpm-hchj-mh72 https://osgeo-org.atlassian.net/browse/GEOS-11153 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.2 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another administrator’s browser when viewed in the GWC Seed Form. Access to the GWC Seed Form is limited to full administrators by default and granting non-administrators access to this endpoint is not recommended. Versions 2.23.2 and 2.24.1 contain a fix for this issue. GeoServer es un servidor de software de código abierto escrito en Java que permite a los usuarios compartir y editar datos geoespaciales. • https://github.com/GeoWebCache/geowebcache/commit/9d010e09c784690ada8af43f594461a2553a62f0 https://github.com/GeoWebCache/geowebcache/issues/1172 https://github.com/GeoWebCache/geowebcache/pull/1174 https://github.com/geoserver/geoserver/security/advisories/GHSA-56r3-f536-5gf7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user's browser when viewed in the WMS GetMap SVG Output Format when the Simple SVG renderer is enabled. Access to the WMS SVG Format is available to all users by default although data and service security may limit users' ability to trigger the XSS. Versions 2.23.4 and 2.24.1 contain a fix for this issue. GeoServer es un servidor de software de código abierto escrito en Java que permite a los usuarios compartir y editar datos geoespaciales. • https://github.com/geoserver/geoserver/commit/1b1835afbb9c282d1840786259aeda81c1d22b00 https://github.com/geoserver/geoserver/commit/9f40265febb5939f23e2c53930c9c35e93970afe https://github.com/geoserver/geoserver/pull/7173 https://github.com/geoserver/geoserver/security/advisories/GHSA-fg9v-56hw-g525 https://osgeo-org.atlassian.net/browse/GEOS-11152 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file renaming vulnerability exists in versions prior to 2.23.5 and 2.24.2 that enables an authenticated administrator with permissions to modify stores through the REST Coverage Store or Data Store API to rename arbitrary files and directories with a name that does not end in `.zip`. Store file uploads rename zip files to have a `.zip` extension if it doesn't already have one before unzipping the file. This is fine for file and url upload methods where the files will be in a specific subdirectory of the data directory but, when using the external upload method, this allows arbitrary files and directories to be renamed. Renaming GeoServer files will most likely result in a denial of service, either completely preventing GeoServer from running or effectively deleting specific resources (such as a workspace, layer or style). • https://github.com/geoserver/geoserver/commit/5d6af2f8ba9ad7dffae59575504a867159698772 https://github.com/geoserver/geoserver/commit/c37f58fbacdfa0d581a6f99195585f70b1201f0a https://github.com/geoserver/geoserver/pull/7289 https://github.com/geoserver/geoserver/security/advisories/GHSA-75m5-hh4r-q9gx https://osgeo-org.atlassian.net/browse/GEOS-11213 • CWE-20: Improper Input Validation CWE-73: External Control of File Name or Path •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file upload vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with permissions to modify coverage stores through the REST Coverage Store API to upload arbitrary file contents to arbitrary file locations which can lead to remote code execution. Coverage stores that are configured using relative paths use a GeoServer Resource implementation that has validation to prevent path traversal but coverage stores that are configured using absolute paths use a different Resource implementation that does not prevent path traversal. This vulnerability can lead to executing arbitrary code. An administrator with limited privileges could also potentially exploit this to overwrite GeoServer security files and obtain full administrator privileges. • https://github.com/geoserver/geoserver/commit/ca683170c669718cb6ad4c79e01b0451065e13b8 https://github.com/geoserver/geoserver/commit/fe235b3bb1d7f05751a4a2ef5390c36f5c9e78ae https://github.com/geoserver/geoserver/pull/7222 https://github.com/geoserver/geoserver/security/advisories/GHSA-9v5q-2gwq-q9hq https://osgeo-org.atlassian.net/browse/GEOS-11176 • CWE-20: Improper Input Validation CWE-434: Unrestricted Upload of File with Dangerous Type •