VYPR

Geonode

by Geosolutionsgroup

Source repositories

CVEs (4)

  • CVE-2026-39922MedApr 10, 2026
    risk 0.34cvss 6.3epss 0.00

    GeoNode versions 4.4.5 and 5.0.2 (and prior within their respective releases) contain a server-side request forgery vulnerability in the service registration endpoint that allows authenticated attackers to trigger outbound network requests to arbitrary URLs by submitting a…

  • CVE-2026-39921MedApr 10, 2026
    risk 0.34cvss 6.3epss 0.00

    GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability that allows authenticated users with document upload permissions to trigger arbitrary outbound HTTP requests by providing a malicious URL via the doc_url parameter during…

  • CVE-2024-27091Mar 27, 2024
    risk 0.00cvss epss 0.00

    GeoNode is a geospatial content management system, a platform for the management and publication of geospatial data. An issue exists within GEONODE where the current rich text editor is vulnerable to Stored XSS. The applications cookies are set securely, but it is possible to…

  • CVE-2023-28442Mar 23, 2023
    risk 0.00cvss epss 0.01

    GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. Prior to versions 2.20.6, 2.19.6, and 2.18.7, anonymous users can obtain sensitive information about GeoNode configurations from the response of the…