CVE-2025-21621 | GeoServer up to 2.24.x SLD_BODY cross site scripting (GHSA-w66h-j855-qr72)

A vulnerability was found in GeoServer up to 2.24.x. It has been declared as problematic. This impacts an unknown function. Such manipulation of the argument SLD_BODY leads to cross site scripting.

This vulnerability is traded as CVE-2025-21621. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More