Geoserver: >> Geoserver >> 2.24.4 Security Vulnerabilities
GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime().exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version.
CVSS Score
9.8
EPSS Score
0.311
Published
2023-06-12