6 matches found
CVE-2023-43795
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service WPS specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request...
CVE-2023-43795
creationtimestamp| type| source ---|---|--- 2025-01-31 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-01-31 2025-02-22 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-02-22 2025-03-08 00:00:00+00:00| exploited| The...
CVE-2023-43795 WPS Server Side Request Forgery in GeoServer
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service WPS specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request...
CVE-2023-43795 WPS Server Side Request Forgery in GeoServer
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service WPS specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request...
CVE-2023-43795 WPS Server Side Request Forgery in GeoServer
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service WPS specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request...
CVE-2023-43795
CVE-2023-43795 concerns GeoServer, where the Web Processing Service (WPS) vulnerability allows unauthenticated SSRF via GET/POST requests. The issue stems from how WPS processes external URLs, enabling an attacker to make arbitrary HTTP requests and reach internal resources. Patched in GeoServer ...