GHSA-FH7P-5F6G-VJ2W Stored Cross-Site Scripting (XSS) vulnerability in GeoServer's REST Resources API
Summary A stored cross-site scripting XSS vulnerability exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in uploaded style/legend resources that will execute in the context of another administrator's browser when viewed in the REST...