CVE-2023-6011 in Geodiinfo

Summary

by MITRE • 11/22/2023

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DECE Software Geodi allows Stored XSS.

This issue affects Geodi: before 8.0.0.27396.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 05/20/2026

The vulnerability identified as CVE-2023-6011 represents a critical cross-site scripting flaw within DECE Software Geodi application, specifically impacting versions prior to 8.0.0.27396. This security weakness falls under the Common Weakness Enumeration category CWE-79, which defines improper neutralization of input during web page generation as a fundamental web application security flaw. The vulnerability enables attackers to inject malicious scripts into web pages viewed by other users, creating a persistent threat that can compromise user sessions and data integrity.

The technical implementation of this stored cross-site scripting vulnerability occurs when the Geodi application fails to properly sanitize user-supplied input before incorporating it into dynamically generated web content. When legitimate users interact with the application, their input data gets stored in the application's database or memory without adequate validation and sanitization processes. This stored data is then subsequently rendered back to other users without proper encoding or escaping mechanisms, allowing malicious scripts to execute within the context of the victim's browser session. The flaw specifically manifests during the web page generation phase where user input is directly embedded into HTML output without appropriate security controls.

The operational impact of this vulnerability extends beyond simple script execution, creating significant risks for organizations utilizing the Geodi platform. Attackers can leverage this weakness to steal session cookies, perform unauthorized actions on behalf of users, redirect victims to malicious websites, or even escalate privileges within the application environment. The stored nature of the vulnerability means that once malicious input is injected and processed, it persists in the system and affects all subsequent users who view the compromised content. This creates a persistent threat vector that can remain active for extended periods without detection, potentially allowing attackers to maintain access and continue exploiting the system.

Organizations should implement immediate mitigation strategies including upgrading to the patched version 8.0.0.27396 or later, which incorporates proper input validation and sanitization mechanisms. Additional defensive measures include implementing content security policies to restrict script execution, deploying web application firewalls to detect and block malicious payloads, and conducting thorough input validation for all user-supplied data. Security teams should also establish monitoring procedures to identify potential exploitation attempts and ensure that all user input undergoes proper sanitization before being processed or stored within the application. The vulnerability demonstrates the critical importance of input validation in web applications and aligns with ATT&CK technique T1059.001 for command and scripting interpreter, as attackers can leverage XSS to execute malicious code within user browsers.

Reservation

11/08/2023

Disclosure

11/22/2023

Moderation

accepted

CPE

ready

EPSS

0.00388

KEV

no

Activities

very low

Sources

Do you need the next level of professionalism?

Upgrade your account now!