2 matches found
CVE-2023-51445
GeoServer’s CVE-2023-51445 is a stored XSS in the REST Resources API. Affected versions prior to 2.23.3 and 2.24.0 allow an authenticated administrator with workspace-level privileges to store a JavaScript payload in uploaded style/legend resources, which will execute in another administrator’s b...
CVE-2023-51445
creationtimestamp| type| source ---|---|--- 2024-03-19 19:13:06+00:00| published-proof-of-concept| https://github.com/geoserver/geoserver/security/advisories/GHSA-fh7p-5f6g-vj2w...