Lucene search
K

499 matches found

Cvelist
Cvelist
added 2024/03/20 6:0 p.m.44 views

CVE-2024-23819 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in MapML HTML Page

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.1AI score0.00426EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/03/20 6:0 p.m.18 views

CVE-2024-23819 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in MapML HTML Page

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.1AI score0.00426EPSS
Exploits0References5
CVE
CVE
added 2024/03/20 6:0 p.m.87 views

CVE-2024-23819

GeoServer has a stored Cross-Site Scripting (XSS) vulnerability in the MapML HTML Page. An authenticated administrator with workspace‑level privileges can store a JavaScript payload in the GeoServer catalog, which executes in another user’s browser when the MapML HTML Page is viewed. The MapML ex...

4.8CVSS5.3AI score0.00426EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/03/20 6:0 p.m.29 views

CVE-2024-23819 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in MapML HTML Page

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.2AI score0.00426EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/03/20 5:57 p.m.16 views

CVE-2024-23818 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in WMS OpenLayers Format

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.3 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.5AI score0.00426EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/03/20 5:57 p.m.19 views

CVE-2024-23818 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in WMS OpenLayers Format

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.3 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.1AI score0.00426EPSS
Exploits0References5
CVE
CVE
added 2024/03/20 5:57 p.m.84 views

CVE-2024-23818

GeoServer’s WMS OpenLayers Format has a stored XSS vulnerability that can be triggered by an authenticated administrator with workspace privileges to store a JavaScript payload in the GeoServer catalog, executed in another user’s browser when rendering WMS GetMap. Affected are versions prior to 2...

4.8CVSS4.8AI score0.00426EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/03/20 5:57 p.m.20 views

CVE-2024-23818 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in WMS OpenLayers Format

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.3 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.4AI score0.00426EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/03/20 5:50 p.m.22 views

CVE-2024-23643 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in GWC Seed Form

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.2 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.1AI score0.00426EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/03/20 5:50 p.m.25 views

CVE-2024-23643 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in GWC Seed Form

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.2 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.4AI score0.00426EPSS
Exploits0References4
CVE
CVE
added 2024/03/20 5:50 p.m.82 views

CVE-2024-23643

GeoServer contains a stored XSS vulnerability (CVE-2024-23643) in the GWC Seed Form. A authenticated administrator with workspace-level privileges can store a JavaScript payload in the GeoServer catalog, which then executes in another administrator’s browser when the GWC Seed Form is viewed. Affe...

4.8CVSS4.8AI score0.00426EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/03/20 5:50 p.m.21 views

CVE-2024-23643 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in GWC Seed Form

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.2 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.4AI score0.00426EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/03/20 5:44 p.m.27 views

CVE-2024-23642 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in Simple SVG Renderer

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.1AI score0.00426EPSS
Exploits0References5
CVE
CVE
added 2024/03/20 5:44 p.m.109 views

CVE-2024-23642

GeoServer stores a Stored Cross-Site Scripting (XSS) vulnerability in the Simple SVG Renderer. The issue affects versions prior to 2.23.4 and 2.24.1, where an authenticated administrator with workspace‑level privileges can store a JavaScript payload in the GeoServer catalog that executes in anoth...

4.8CVSS5.4AI score0.00426EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/20 5:44 p.m.13 views

CVE-2024-23642 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in Simple SVG Renderer

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.5AI score0.00426EPSS
Exploits0References5
OSV
OSV
added 2024/03/20 5:44 p.m.19 views

CVE-2024-23642 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in Simple SVG Renderer

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.4AI score0.00426EPSS
Exploits0References7
NVD
NVD
added 2024/03/20 4:15 p.m.23 views

CVE-2024-23640

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5AI score0.00426EPSS
Exploits0References5
NVD
NVD
added 2024/03/20 4:15 p.m.23 views

CVE-2024-23634

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file renaming vulnerability exists in versions prior to 2.23.5 and 2.24.2 that enables an authenticated administrator with permissions to modify stores through the REST...

6CVSS6.1AI score0.00694EPSS
Exploits1References5
NVD
NVD
added 2024/03/20 4:15 p.m.29 views

CVE-2023-51445

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS4.9AI score0.00487EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/03/20 3:26 p.m.37 views

CVE-2024-23640 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in Style Publisher

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.2AI score0.00426EPSS
Exploits0References5
Rows per page
Query Builder