Lucene search

GitHub_MCVELIST:CVE-2024-23821

HistoryMar 20, 2024 - 6:03 p.m.

CVE-2024-23821 GeoServer's GWC Demos Page vulnerable to Stored Cross-Site Scripting (XSS)

2024-03-2018:03:25

CWE-79

GitHub_M

www.cve.org

geoserver

gwc demos

xss

vulnerability

javascript

2.23.4

2.24.1

patch

geospatial data

java

stored cross-site scripting

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

0.0004 Low

EPSS

Percentile

15.5%

JSON

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user’s browser when viewed in the GWC Demos Page. Access to the GWC Demos Page is available to all users although data security may limit users’ ability to trigger the XSS. Versions 2.23.4 and 2.24.1 contain a patch for this issue.

CNA Affected

[
  {
    "vendor": "geoserver",
    "product": "geoserver",
    "versions": [
      {
        "version": "< 2.23.4",
        "status": "affected"
      },
      {
        "version": "= 2.24.0",
        "status": "affected"
      }
    ]
  }
]

References

github.com/geoserver/geoserver/security/advisories/GHSA-88wc-fcj9-q3r9

github.com/GeoWebCache/geowebcache/issues/1171

github.com/GeoWebCache/geowebcache/pull/1173