[GeoServer security advisory] Filesystem access

A XXE security vulnerability has been discovered in GeoServer that allows an attacker to access files on the host computer's filesystem. This fix has been updated for Suite 4.7 and now works with the JBoss application server.

Boundless encourages all users to upgrade to OpenGeo Suite 4.7 to avoid any issues that might arise from this bug.

Have more questions? Submit a request

Comments

Powered by Zendesk