CVE-2024-27091
- EPSS 0.7%
- Veröffentlicht 27.03.2024 13:15:47
- Zuletzt bearbeitet 19.12.2025 18:28:57
GeoNode is a geospatial content management system, a platform for the management and publication of geospatial data. An issue exists within GEONODE where the current rich text editor is vulnerable to Stored XSS. The applications cookies are set secur...
CVE-2023-42439
- EPSS 0.07%
- Veröffentlicht 15.09.2023 21:15:11
- Zuletzt bearbeitet 21.11.2024 08:22:31
GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. A SSRF vulnerability exists starting in version 3.2.0, bypassing existing controls on the software. This can allow a user to request ...
CVE-2023-40017
- EPSS 0.09%
- Veröffentlicht 24.08.2023 23:15:09
- Zuletzt bearbeitet 21.11.2024 08:18:31
GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. In versions 3.2.0 through 4.1.2, the endpoint `/proxy/?url=` does not properly protect against server-side request forgery. This allo...
CVE-2023-28442
- EPSS 0.27%
- Veröffentlicht 24.03.2023 00:15:15
- Zuletzt bearbeitet 21.11.2024 07:55:04
GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. Prior to versions 2.20.6, 2.19.6, and 2.18.7, anonymous users can obtain sensitive information about GeoNode configurations from the ...
CVE-2023-26043
- EPSS 0.26%
- Veröffentlicht 27.02.2023 21:15:12
- Zuletzt bearbeitet 21.11.2024 07:50:38
GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary F...