2396994 – (CVE-2025-59431) CVE-2025-59431 mapserver: MapServer SQL injection

Bug 2396994 (CVE-2025-59431) - CVE-2025-59431 mapserver: MapServer SQL injection

Summary: CVE-2025-59431 mapserver: MapServer SQL injection

Keywords:
Status:	NEW
Alias:	CVE-2025-59431
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2397020 2397021 2397022
Blocks:
TreeView+	depends on / blocked

Reported:	2025-09-19 20:01 UTC by OSIDB Bzimport
Modified:	2025-09-20 18:23 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-09-19 20:01:50 UTC

MapServer is a system for developing web-based GIS applications. Prior to 8.4.1, the XML Filter Query directive PropertyName is vulnerably to Boolean-based SQL injection. It seems like expression checking is bypassed by introducing double quote characters in the PropertyName. Allowing to manipulate backend database queries. This vulnerability is fixed in 8.4.1.

Note You need to log in before you can comment on or make changes to this bug.