OSGeo (JAI-EXT) Data Breach
OSGeo (JAI-EXT) experienced a data breach that was reported on June 26, 2024. OSGeo GeoServer JAI-EXT contains a code injection vulnerability that, when programs use jt-jiffle and allow Jiffle script to be provided via network request, could allow remote code execution.
Key Facts
- Organization
- OSGeo (JAI-EXT)
- Date Reported
- June 26, 2024
- Incident Type
- web app exploit
- Industry
- Technology
- Severity Score
- 5/10
- Confidence Level
- high
- Tags
Source
View original source - External link to primary source documentation
Understanding web app exploit Incidents
Web application exploits target vulnerabilities in websites and APIs. Secure development practices, WAFs, and penetration testing protect against these attacks.