23 matches found
GHSA-FCPM-HCHJ-MH72 GeoServer's WMS OpenLayers Format vulnerable to Stored Cross-Site Scripting (XSS)
Summary A stored cross-site scripting XSS vulnerability exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user's browser when viewed in the WMS GetMap OpenLayers...
GeoServer's WMS OpenLayers Format vulnerable to Stored Cross-Site Scripting (XSS)
Summary A stored cross-site scripting XSS vulnerability exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user's browser when viewed in the WMS GetMap OpenLayers...
PT-2024-20099 · Geoserver · Geoserver
Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.23.3 and 2.24.1 Description: A stored cross-site scripting XSS issue exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog. This...