VYPR
Medium severity (6.5) · GHSA Advisory · Published Jun 12, 2026 · Updated Jun 12, 2026

GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution

CVE-2025-58175

Description

GeoServer SSRF vulnerability in XML entity resolution when using ENTITY_RESOLUTION_ALLOWLIST and proxy base URL without path, allowing unauthenticated requests to unintended locations.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

GeoServer versions up to 2.26.3, and 2.27.0 through 2.27.2, are vulnerable to Server-Side Request Forgery (SSRF) through XML entity resolution when ENTITY_RESOLUTION_ALLOWLIST is enabled (the default since 2.25.0) and the proxy base URL has neither a URL path nor a trailing slash (e.g., https://somesite.org instead of https://somesite.org/) [1][3]. The flaw resides in the XML entity resolution component, which in this configuration fetches external entities without proper validation.

Exploitation

An unauthenticated attacker can exploit this by sending a crafted XML request (e.g., via an OGC service interface) that includes an external entity pointing to an internal or external URL. If the GeoServer proxy base URL is misconfigured as described, the entity resolution will process the attacker-supplied URL, causing GeoServer to make a request to that location [2]. No authentication or special privileges are required; only network access to a GeoServer instance with the vulnerable configuration.

Impact

Successful exploitation allows the attacker to perform SSRF, causing GeoServer to make requests to arbitrary internal or external hosts [1][3]. This can lead to information disclosure, internal network scanning, or interaction with other services that are otherwise inaccessible. The attacker does not gain direct code execution, but the SSRF can be leveraged for further attacks.

Mitigation

The vulnerability is fixed in GeoServer versions 2.26.4 and 2.27.3 [1]. As a workaround, if the proxy base URL does not contain a path, add a trailing slash (e.g., change https://somesite.org to https://somesite.org/) [1][3]. No other mitigations are needed if the proxy base URL already ends with a slash or contains a path. GeoServer installations not using a proxy base URL are not affected.
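An added configuration check, written for this page and not taken from GeoServer or the advisory, that applies the affected-version ranges and the trailing-slash workaround above to a deployment's reported version and its configured proxy base URL. It assumes the proxy base URL is passed in exactly as set in GeoServer's global settings (an empty string when none is configured).

```python
from urllib.parse import urlsplit

# From the advisory: affected up to 2.26.3 and 2.27.0-2.27.2; fixed in 2.26.4 and 2.27.3.
FIXED_VERSIONS = {(2, 26): (2, 26, 4), (2, 27): (2, 27, 3)}


def parse_version(version: str) -> tuple:
    """'2.27.2' -> (2, 27, 2); tolerates suffixes such as '2.27.2-SNAPSHOT'."""
    parts = [int(p) for p in version.split("-")[0].split(".")[:3]]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def version_is_affected(version: str) -> bool:
    """True when the version falls in a range the advisory lists as vulnerable."""
    major, minor, patch = parse_version(version)
    if (major, minor) < (2, 26):
        return True  # everything up to 2.26.3 is listed as affected
    fixed = FIXED_VERSIONS.get((major, minor))
    if fixed is None:
        return False  # release lines after 2.27 are not listed as affected
    return (major, minor, patch) < fixed


def proxy_base_url_is_risky(url: str) -> bool:
    """True for the vulnerable shape: a proxy base URL with no path and no trailing slash."""
    url = url.strip()
    if not url:
        return False  # no proxy base URL configured: not affected per the advisory
    return urlsplit(url).path == ""  # "https://somesite.org" -> path ""; ".../" -> "/"


def hardened_proxy_base_url(url: str) -> str:
    """Apply the documented workaround: append a trailing slash when the path is empty."""
    url = url.strip()
    return url + "/" if proxy_base_url_is_risky(url) else url


def assess(version: str, proxy_base_url: str) -> dict:
    """Combine both conditions; a deployment is exposed only when both hold."""
    affected = version_is_affected(version)
    risky = proxy_base_url_is_risky(proxy_base_url)
    major, minor, _ = parse_version(version)
    fixed = FIXED_VERSIONS.get((major, minor))
    return {
        "affected_version": affected,
        "risky_proxy_base_url": risky,
        "exposed": affected and risky,
        "recommended_proxy_base_url": hardened_proxy_base_url(proxy_base_url),
        "recommended_upgrade": ".".join(map(str, fixed)) if fixed else "2.26.4 or 2.27.3",
    }
```

Note that the version check alone does not prove exposure: ENTITY_RESOLUTION_ALLOWLIST must also be enabled, which is the default only from 2.25.0 onward.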

AI Insight generated on Jun 12, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Patches

b48d9fe4171f

feedback from review

https://github.com/geoserver/geoserver · Jody Garnett · Aug 28, 2025 · via body-scan-shorthand
1 file changed · +4 −3
  • doc/en/user/source/production/config.rst (+4 −3, modified)
    @@ -440,9 +440,10 @@ When processing XML documents from service requests (POST requests, and GET requ
     For handling ``jar:file:`` and ``vfs:`` (WildFly) entity resolution, GeoServer will attempt to determine the location
     of the webapp's lib directory and restrict entity resolution to that directory. This functionality is particularly
     important when GeoServer is deployed in a Windows operating system. While this functionality has been tested in basic
    -Tomcat, Jetty and WildFly installations, it is possible that some installations may experience problems with it. If
    -necessary, this functionality can be disabled by setting the ``-DENTITY_RESOLUTION_UNRESTRICTED_INTERNAL=true`` system
    -property.
    +Tomcat, Jetty and WildFly installations, it is possible that some installations may experience problems with it.
    +
    +If necessary, this functionality can be disabled by setting the ``ENTITY_RESOLUTION_UNRESTRICTED_INTERNAL`` application property to ``true``.
    +For example with ``-DENTITY_RESOLUTION_UNRESTRICTED_INTERNAL=true`` java system property.
     
     GeoServer provides a number of facilities to control external entity resolution:
     
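Review bot: the last `+` line, "For example with ``-DENTITY_RESOLUTION_UNRESTRICTED_INTERNAL=true`` java system property.", is a sentence fragment and lowercases Java; suggest "For example, pass the ``-DENTITY_RESOLUTION_UNRESTRICTED_INTERNAL=true`` Java system property." Separately, this hunk only rewords the opt-out for the ``jar:file:``/``vfs:`` restriction, while the advisory's workaround (a proxy base URL with no path must end in a trailing slash) is documented nowhere in the change; if this commit is the documentation side of the fix, a sentence to that effect under "GeoServer provides a number of facilities to control external entity resolution:" would give operators the check they need.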
    

References
