CISA Identifies Critical GeoServer XXE Vulnerability as Actively Exploited
CISA Identifies Critical GeoServer XXE Vulnerability as Actively Exploited Background and Context The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical vulnerability in OSGeo’s GeoServer, drawing attention to its potential risks and the urgent need for mitigation. The vulnerability, designated as CVE-2025-58360, has been classified with a CVSS score of 8.2, indicating…