GeoNode Server-Side Request Forgery Vulnerability via Document Upload

Vulnerability

A server-side request forgery (SSRF) vulnerability has been identified in GeoNode versions 4.0 prior to 4.4.5 and 5.0 prior to 5.0.2. It allows authenticated users who hold document upload permissions to make the server send arbitrary outbound HTTP requests. By supplying a malicious URL in the doc_url parameter during document upload, such a user can direct the server to request internal network targets, loopback addresses, RFC1918 addresses, or cloud metadata services. The affected code fetches the URL without SSRF mitigations such as private IP filtering or redirect validation.
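The two mitigations the advisory names (private IP filtering and redirect validation) are shown below as an added example; this is not GeoNode's code or its actual fix, and the page does not say how the project's upload view is structured. The validator resolves the host, rejects any answer that is loopback, link-local (which covers 169.254.169.254), RFC1918 or otherwise non-routable, and follows redirects by hand so every hop is re-checked. The hostnames `internal.example`, `public.example` and `dual.example`, the `constructed_resolve` table and the `constructed_fetch` stand-in for an HTTP client are all constructed for the demo.

```python
import ipaddress
import socket
from urllib.parse import urljoin, urlparse

ALLOWED_SCHEMES = {"http", "https"}
REDIRECT_STATUSES = {301, 302, 303, 307, 308}
MAX_REDIRECTS = 3


class UnsafeURL(ValueError):
    """Raised when a user-supplied URL must not be fetched server-side."""


def _is_disallowed(addr: str) -> bool:
    """True for loopback, link-local, RFC1918 and other non-public addresses."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:127.0.0.1 is still loopback
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def resolve_host(host: str) -> list[str]:
    """Default resolver: every A/AAAA answer for host (uses the real network)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_url(url: str, resolve=resolve_host) -> list[str]:
    """Return the addresses url resolves to, or raise UnsafeURL."""
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise UnsafeURL(f"scheme not allowed: {parts.scheme!r}")
    if parts.username or parts.password:
        raise UnsafeURL("credentials embedded in URL")
    host = parts.hostname
    if not host:
        raise UnsafeURL("missing host")
    try:
        addrs = [str(ipaddress.ip_address(host))]  # literal IP, no DNS needed
    except ValueError:
        try:
            addrs = resolve(host)
        except OSError as exc:
            raise UnsafeURL(f"cannot resolve {host!r}: {exc}") from exc
    if not addrs:
        raise UnsafeURL(f"no addresses for {host!r}")
    for addr in addrs:  # one bad answer (e.g. a dual-homed name) rejects the URL
        if _is_disallowed(addr):
            raise UnsafeURL(f"{host!r} resolves to disallowed address {addr}")
    return addrs


def check(url: str, resolve=resolve_host) -> bool:
    """Convenience wrapper: True if url passes validation."""
    try:
        validate_url(url, resolve)
        return True
    except UnsafeURL:
        return False


def fetch_validated(url: str, fetch_one, resolve=resolve_host):
    """Fetch url with redirects followed manually so each hop is validated.

    fetch_one(url) must perform ONE request without following redirects and
    return (status, location_header_or_None, body).
    """
    for _ in range(MAX_REDIRECTS + 1):
        validate_url(url, resolve)
        status, location, body = fetch_one(url)
        if status in REDIRECT_STATUSES and location:
            url = urljoin(url, location)  # handles relative Location values
            continue
        return url, status, body
    raise UnsafeURL("too many redirects")


def fetch_outcome(url: str, fetch_one, resolve=resolve_host):
    """('ok', final_url, status) on success, ('blocked', reason) otherwise."""
    try:
        final_url, status, _body = fetch_validated(url, fetch_one, resolve)
        return ("ok", final_url, status)
    except UnsafeURL as exc:
        return ("blocked", str(exc))


# --- constructed stand-ins so the demo runs offline (not real hosts) ---
CONSTRUCTED_DNS = {
    "internal.example": ["10.1.2.3"],
    "public.example": ["8.8.8.8"],
    "dual.example": ["8.8.8.8", "192.168.0.1"],
}


def constructed_resolve(host: str) -> list[str]:
    if host not in CONSTRUCTED_DNS:
        raise socket.gaierror(f"constructed: unknown host {host}")
    return CONSTRUCTED_DNS[host]


def constructed_fetch(url: str):
    """Fake HTTP client: one URL redirects to a cloud metadata address."""
    if url == "http://public.example/doc.pdf":
        return 302, "http://169.254.169.254/latest/meta-data/", b""
    if url == "http://public.example/ok.pdf":
        return 200, None, b"%PDF-1.4 constructed"
    return 404, None, b""


if __name__ == "__main__":
    for u in ("http://127.0.0.1/", "http://169.254.169.254/latest/meta-data/",
              "http://8.8.8.8/", "http://dual.example/"):
        print(u, "->", check(u, constructed_resolve))
    print(fetch_outcome("http://public.example/doc.pdf", constructed_fetch, constructed_resolve))
```

Validating before fetching still leaves a window for DNS rebinding between the two lookups; a stricter deployment connects to the address returned by `validate_url` and sets the Host header itself, rather than letting the HTTP client resolve the name a second time.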

Impact

Exploitation allows unauthorized outbound HTTP requests from the GeoNode server to internal resources, which can expose sensitive data or services that are reachable only from the server's network position.

Remediation

Upgrade to GeoNode 4.4.5 (for the 4.x series) or 5.0.2 (for the 5.x series) to address this vulnerability.

Added: Apr 10, 2026, 8:33 PM
Updated: Apr 10, 2026, 8:33 PM

Vulnerability Rating

Custom Algorithm

  spread          0.8
  impact          0.6
  exploitability  5.2
  remediation     7.7
  relevance       5.7
  threat          0.0
  urgency         2.9
  incentive       0.0

Our algorithm analyzes dozens of metrics to produce these eight vulnerability categories, which are then combined into the overall risk score.