CNNVD-202508-1382 Information

CNNVD ID

CNNVD-202508-1382

Related CVE

CVE-2025-50690

• CNNVD Published: 2025-08-13

Description (Chinese)

SpatialReference.org是SpatialReference组织的一个在线资源平台。 SpatialReference.org 2025-05-17之前版本存在安全漏洞，该漏洞源于对搜索查询参数输入处理不当，可能导致跨站脚本攻击。

Description (English)

SpatialReference.org is an online resource platform organized by SpatialReference. Prior to SpatialReference.org 2025-05-17, there was a security loophole, which stemmed from the inappropriate handling of search query parameters and could lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

SPIP

Published

2025-08-13

Last Modified

2026-02-24

References

https://medium.com/@Justinsecure/cracking-open-a-reflected-xss-in-spatialreference-org-fcc42175ae6b https://github.com/OSGeo/spatialreference.org https://access.redhat.com/security/cve/cve-2025-50690

Patch

https://github.com/OSGeo/spatialreference.org