11 matches found
EUVD-2024-0864
Malicious code in bioql PyPI...
CVE-2024-23819
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...
GeoServer 2.24.0 < 2.24.1 Multiples Vulnerabilities
According to its banner, the version of GeoServer running on the remote host is prior to 2.23.5 or 2.24.0 prior to 2.24.2. It is, therefore, affected by Multiples Vulnerabilities : - An Arbitrary file upload vulnerability in REST Coverage Store API - A Stored Cross-Site Scripting XSS vulnerabilit...
GeoServer < 2.23.4 Multiples Vulnerabilities
According to its banner, the version of GeoServer running on the remote host is prior to 2.23.5 or 2.24.0 prior to 2.24.2. It is, therefore, affected by Multiples Vulnerabilities : - An Arbitrary file upload vulnerability in REST Coverage Store API - A Stored Cross-Site Scripting XSS vulnerabilit...
CVE-2024-23819
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...
CVE-2024-23819 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in MapML HTML Page
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...
CVE-2024-23819 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in MapML HTML Page
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...
CVE-2024-23819 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in MapML HTML Page
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...
GHSA-7X76-57FR-M5R5 GeoServer's MapML HTML Page vulnerable to Stored Cross-Site Scripting (XSS)
Summary A stored cross-site scripting XSS vulnerability exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user's browser when viewed in the MapML HTML Page. The MapM...
GeoServer's MapML HTML Page vulnerable to Stored Cross-Site Scripting (XSS)
Summary A stored cross-site scripting XSS vulnerability exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user's browser when viewed in the MapML HTML Page. The MapM...
PT-2024-20100 · Geoserver · Geoserver
Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.23.4 and 2.24.1 Description: A stored cross-site scripting XSS issue exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog. This...