Server-Side Request Forgery (SSRF) in GeoServer - CVE-2023-41339
Published: October 24, 2023 / Updated: May 5, 2026
geoserver
Detailed vulnerability description
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to server-side request forgery in the WMS endpoint when processing user-supplied sld URL parameters in GetMap, GetLegendGraphic, or GetFeatureInfo requests. A remote attacker can send a specially crafted request to disclose sensitive information.
Exploitation requires dynamic styling to be enabled and URL checks to be disabled or configured to allow file access.
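A log review for the request pattern described above, added here as an example and not taken from the advisory or from GeoServer: it flags GetMap, GetLegendGraphic and GetFeatureInfo requests whose sld parameter points anywhere other than an approved style host. The combined-style access log layout, the allowlisted host name, the function names and the sample log lines are all assumptions made for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit, parse_qs

# WMS operations the advisory names as accepting a user-supplied sld URL.
WMS_OPS = {"getmap", "getlegendgraphic", "getfeatureinfo"}
# Assumption: hosts this deployment legitimately loads remote styles from.
ALLOWED_SLD_HOSTS = {"styles.example.org"}
# Request line of a combined-format access log entry (assumed log layout).
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def classify_sld(url):
    """Return why an sld URL is suspicious, or None if it is allowlisted."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    if scheme not in ("http", "https"):
        return f"non-http scheme '{scheme}'"
    if host in ALLOWED_SLD_HOSTS:
        return None
    try:
        ip = ipaddress.ip_address(host)
        if ip.is_private or ip.is_loopback or ip.is_link_local:
            return f"internal address {host}"
    except ValueError:
        pass  # a hostname, not an IP literal
    return f"host '{host}' not on allowlist"

def find_sld_requests(log_lines):
    """Yield (line_no, operation, sld_url, reason) for flagged WMS requests."""
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        query = parse_qs(urlsplit(m.group(1)).query)  # also percent-decodes
        # WMS parameter names are case-insensitive, so normalise the keys.
        params = {k.lower(): v[0] for k, v in query.items()}
        op = params.get("request", "").lower()
        if op in WMS_OPS and "sld" in params:
            reason = classify_sld(params["sld"])
            if reason:
                yield n, op, params["sld"], reason

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '203.0.113.7 - - [24/Oct/2023:10:00:01 +0000] "GET /geoserver/wms?service=WMS&request=GetMap&layers=demo:roads&sld=https://styles.example.org/roads.sld HTTP/1.1" 200 5120',
    '203.0.113.9 - - [24/Oct/2023:10:00:05 +0000] "GET /geoserver/wms?SERVICE=WMS&REQUEST=GetLegendGraphic&LAYER=demo:roads&SLD=http%3A%2F%2F10.0.0.5%2Fstatus HTTP/1.1" 200 312',
    '203.0.113.9 - - [24/Oct/2023:10:00:09 +0000] "GET /geoserver/wms?service=WMS&request=GetFeatureInfo&sld=file%3A%2F%2F%2Ftmp%2Fexample.sld HTTP/1.1" 400 211',
    '203.0.113.7 - - [24/Oct/2023:10:00:12 +0000] "GET /geoserver/wms?service=WMS&request=GetCapabilities HTTP/1.1" 200 90210',
]
```

Hits from this review are candidates for triage; where no request legitimately supplies a remote style, any sld parameter in the log is worth a look.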