CVE-2025-21621 | GeoServer up to 2.24.x SLD_BODY cross site scripting (GHSA-w66h-j855-qr72)

Inserito da Angelo Barbosa | Nov 26, 2025 | CVE

A vulnerability was found in GeoServer up to 2.24.x. It has been declared as problematic. This impacts an unknown function. Such manipulation of the argument SLD_BODY leads to cross site scripting.

This vulnerability is traded as CVE-2025-21621. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-21621 | GeoServer up to 2.24.x SLD_BODY cross site scripting (GHSA-w66h-j855-qr72)

Post correlati

CVE-2024-34883 | 1C-Bitrix Bitrix24 23.300.100 DAV ServerSetting insufficiently protected credentials

CVE-2024-37256 | Themeum Tutor LMS Plugin up to 2.7.1 on WordPress sql injection

CVE-2025-5386 | JeeWMS up to 20250504 cgformTransController.do?transEditor sql injection (IC5FNV)

CVE-2023-28903 | Preh Car Connect Volkswagen MIB3 Infotainment System MIB3 OI MQB up to 0304 Image integer overflow