GeoServer is an open source software server written in Java. Allows users to share and edit geospatial data. A cross-site scripting vulnerability exists in GeoServer versions prior to 2.23.4 and 2.24.1, which stems from the application’s lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload.
CPE | Name | Operator | Version |
---|---|---|---|
geoserver geoserver | lt | 2.23.4 | |
geoserver geoserver | lt | 2.24.1 |