Vulnerabilities in GeoNode
7 resultsCVE-2023-26043MEDIUMXML External Entity (XXE) injection in GeoServer style upload functionalityEPSS 0.8%CVE-2023-42439HIGHGeoNode SSRF Bypass to return internal host dataEPSS 0.8%CVE-2023-28442HIGHGeoserver for GeoNode sensitive information leakEPSS 0.6%CVE-2023-40017HIGHGeonode Server Side Request Forgery vulnerabilityEPSS 0.6%CVE-2024-27091MEDIUMGeoNode stored XSS to full account takeoverEPSS 0.4%CVE-2026-39921MEDIUMGeoNode < 4.4.5, 5.0.2 SSRF via Document UploadEPSS 0.2%CVE-2026-39922MEDIUMGeoNode SSRF via Service RegistrationEPSS 0.2%