cbcvebase.
CVE-2025-59431
published 2025-09-19

CVE-2025-59431: MapServer is a system for developing web-based GIS applications. Prior to 8.4.1, the XML Filter Query directive PropertyName is vulnerably to Boolean-based SQL…

PriorityP358critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.39%
30.9th percentile
MapServer is a system for developing web-based GIS applications. Prior to 8.4.1, the XML Filter Query directive PropertyName is vulnerably to Boolean-based SQL injection. It seems like expression checking is bypassed by introducing double quote characters in the PropertyName. Allowing to manipulate backend database queries. This vulnerability is fixed in 8.4.1.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianmapserver< mapserver 7.6.2-1+deb11u1 (bullseye)mapserver 7.6.2-1+deb11u1 (bullseye)
mapservermapserver< 8.4.18.4.1
osgeomapserver
osgeomapserver>= 0 < 7.6.2-1+deb11u17.6.2-1+deb11u1
osgeomapserver>= 0 < 8.4.0-4+deb13u18.4.0-4+deb13u1
osgeomapserver>= 0 < 8.4.1-18.4.1-1

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.08.9HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
osv8.9HIGH
vendor_debian8.9HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.