7 matches found
CVE-2023-26043
CVE-2023-26043 is an XXE injection in GeoNode’s GeoServer style upload pathway that can lead to an authenticated Arbitrary File Read. The vulnerability stems from the server-side parsing of user-supplied SLD files (style uploads) without proper entity resolution, enabling an attacker to read file...
CVE-2023-42439
GeoNode CVE-2023-42439 describes a Server-Side Request Forgery (SSRF) bypass vulnerability that bypasses the whitelist by manipulating the first host into a whitelisted address using @ or %40 as credentials to the geoserver (port 8080). The result is a full read SSRF that can return data from int...
CVE-2023-40017
GeoNode versions 3.2.0–4.1.2 are affected by an SSRF vulnerability in the /proxy/?url= endpoint that enables port-scanning internal hosts and proxying data from internal services. Root cause is improper protection against SSRF. A patch is available at commit a9eebae80cb362009660a1fd49e105e7cdb499...
CVE-2024-27091
GeoNode's Stored XSS in the rich text editor is confirmed across multiple sources. The issue allows an attacker to retrieve a victim's CSRF token and trigger an email-change request, potentially leading to account takeover. Root cause: vulnerable rich text editor that does not mitigate XSS; impac...
CVE-2023-28442
CVE-2023-28442 affects GeoNode (3 and 4) where anonymous users can retrieve sensitive configuration information from the Geoserver REST endpoint /geoserver/rest/about/status. Versions before 2.20.7 (also 2.19.6/2.18.7) are exposed due to Geoserver configuration for GeoNode leaving REST endpoints ...
CVE-2026-39921
Technical details about CVE-2026-39921 (affected GeoNode versions, exact exploit steps, and remediation specifics) are not publicly provided in the supplied documents. Monitor for updates from official advisories.
CVE-2026-39922
CVE-2026-39922 affects GeoNode 4.x (pre-4.4.5) and 5.x (pre-5.0.2). The issue is a server-side request forgery in the service registration endpoint, allowing authenticated attackers to submit crafted service URLs to trigger outbound requests to arbitrary URLs via the WMS service handler, bypassin...