Количество 2
Количество 2
CVE-2023-26043
GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary File Read. This issue has been patched in version 4.0.3.
GHSA-mcmc-c59m-pqq8
GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-26043 GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary File Read. This issue has been patched in version 4.0.3. | CVSS3: 6.5 | 0% Низкий | почти 3 года назад |
| GHSA-mcmc-c59m-pqq8 GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу