Terriajs Server

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-27818 HIGH PATCH This Week

Improper input validation in TerriaJS-Server versions before 4.0.3 allows unauthenticated remote attackers to bypass domain allowlist restrictions and proxy requests to arbitrary domains. This vulnerability affects Node.js deployments of TerriaJS and could enable attackers to access restricted resources or perform server-side request forgery attacks. A patch is available in version 4.0.3 and later.

Node.js Terriajs Server

NVD GitHub

CVSS 3.1

7.5

EPSS

0.1%

CVE-2026-27818

EPSS 0% CVSS 7.5

HIGH PATCH This Week

Improper input validation in TerriaJS-Server versions before 4.0.3 allows unauthenticated remote attackers to bypass domain allowlist restrictions and proxy requests to arbitrary domains. This vulnerability affects Node.js deployments of TerriaJS and could enable attackers to access restricted resources or perform server-side request forgery attacks. A patch is available in version 4.0.3 and later.

Node.js Terriajs Server

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy