Filtered by vendor Mapserver
Subscriptions
Filtered by product Mapserver
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59431 | 1 Mapserver | 1 Mapserver | 2025-09-22 | N/A |
| MapServer is a system for developing web-based GIS applications. Prior to 8.4.1, the XML Filter Query directive PropertyName is vulnerably to Boolean-based SQL injection. It seems like expression checking is bypassed by introducing double quote characters in the PropertyName. Allowing to manipulate backend database queries. This vulnerability is fixed in 8.4.1. | ||||
Page 1 of 1.