Skip to main content

Terriajs Server

1 CVEs product

Monthly

CVE-2026-27818 npm HIGH PATCH This Week

Improper input validation in TerriaJS-Server versions before 4.0.3 allows unauthenticated remote attackers to bypass domain allowlist restrictions and proxy requests to arbitrary domains. This vulnerability affects Node.js deployments of TerriaJS and could enable attackers to access restricted resources or perform server-side request forgery attacks. A patch is available in version 4.0.3 and later.

Node.js Terriajs Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Improper input validation in TerriaJS-Server versions before 4.0.3 allows unauthenticated remote attackers to bypass domain allowlist restrictions and proxy requests to arbitrary domains. This vulnerability affects Node.js deployments of TerriaJS and could enable attackers to access restricted resources or perform server-side request forgery attacks. A patch is available in version 4.0.3 and later.

Node.js Terriajs Server
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy