CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-23643 – GeoServer Stored Cross-Site Scripting (XSS) vulnerability in GWC Seed Form
https://notcve.org/view.php?id=CVE-2024-23643
20 Mar 2024 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.2 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another administrator’s browser when viewed in the GWC Seed Form. Access to the GWC Seed Form is limited to full administrators by defau... • https://github.com/GeoWebCache/geowebcache/commit/9d010e09c784690ada8af43f594461a2553a62f0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-23642 – GeoServer Stored Cross-Site Scripting (XSS) vulnerability in Simple SVG Renderer
https://notcve.org/view.php?id=CVE-2024-23642
20 Mar 2024 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user's browser when viewed in the WMS GetMap SVG Output Format when the Simple SVG renderer is enabled. Access to the WMS SVG Fo... • https://github.com/geoserver/geoserver/commit/1b1835afbb9c282d1840786259aeda81c1d22b00 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23640 – GeoServer Stored Cross-Site Scripting (XSS) vulnerability in Style Publisher
https://notcve.org/view.php?id=CVE-2024-23640
20 Mar 2024 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in uploaded style/legend resources or in a specially crafted datastore file that will execute in the context of another user's browser when viewed in the Style Publisher. Access to the Style Publis... • https://github.com/geoserver/geoserver/pull/7162 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-23634 – GeoServer arbitrary file renaming vulnerability in REST Coverage/Data Store API
https://notcve.org/view.php?id=CVE-2024-23634
20 Mar 2024 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file renaming vulnerability exists in versions prior to 2.23.5 and 2.24.2 that enables an authenticated administrator with permissions to modify stores through the REST Coverage Store or Data Store API to rename arbitrary files and directories with a name that does not end in `.zip`. Store file uploads rename zip files to have a `.zip` extension if it doesn't already have one before ... • https://github.com/geoserver/geoserver/commit/5d6af2f8ba9ad7dffae59575504a867159698772 • CWE-20: Improper Input Validation CWE-73: External Control of File Name or Path •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51445 – GeoServer Stored Cross-Site Scripting (XSS) vulnerability in REST Resources API
https://notcve.org/view.php?id=CVE-2023-51445
20 Mar 2024 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in uploaded style/legend resources that will execute in the context of another administrator's browser when viewed in the REST Resources API. Access to the REST Resources API is limited to full adm... • https://github.com/geoserver/geoserver/commit/7db985738ff2422019ccac974cf547bae5770cad • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 3%CPEs: 2EXPL: 0CVE-2023-51444 – GeoServer arbitrary file upload vulnerability in REST Coverage Store API
https://notcve.org/view.php?id=CVE-2023-51444
20 Mar 2024 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file upload vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with permissions to modify coverage stores through the REST Coverage Store API to upload arbitrary file contents to arbitrary file locations which can lead to remote code execution. Coverage stores that are configured using relative paths use a GeoServer Resource implem... • https://github.com/geoserver/geoserver/commit/ca683170c669718cb6ad4c79e01b0451065e13b8 • CWE-20: Improper Input Validation CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41877 – GeoServer log file path traversal vulnerability
https://notcve.org/view.php?id=CVE-2023-41877
20 Mar 2024 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A path traversal vulnerability in versions 2.23.4 and prior requires GeoServer Administrator with access to the admin console to misconfigure the Global Settings for log file location to an arbitrary location. The admin console GeoServer Logs page provides a preview of these contents. As this issue requires GeoServer administrators access, often representing a trusted party, the vulnerability has... • https://docs.geoserver.org/latest/en/user/configuration/globalsettings.html#log-location • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 90%CPEs: 2EXPL: 0CVE-2023-43795 – WPS Server Side Request Forgery in GeoServer
https://notcve.org/view.php?id=CVE-2023-43795
24 Oct 2023 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service (WPS) specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request Forgery. This vulnerability has been patched in version 2.22.5 and 2.23.2. GeoServer es un servidor de software de código abierto escrito en Java que permite a los usuarios compartir y editar datos geoespaciales. • https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-41339 – Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF in GeoServer
https://notcve.org/view.php?id=CVE-2023-41339
24 Oct 2023 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The WMS specification defines an ``sld=
CVSS: 10.0EPSS: 93%CPEs: 5EXPL: 8CVE-2023-25157 – Unfiltered SQL Injection Vulnerabilities in Geoserver
https://notcve.org/view.php?id=CVE-2023-25157
21 Feb 2023 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrad... • https://github.com/dr-cable-tv/Geoserver-CVE-2023-25157 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •