CVE-2025-5387

Name of the Vulnerable Software and Affected Versions JeeWMS up to 20250504

Description A critical issue has been discovered, affecting the dogenerate function of the /generateController.do?dogenerate file in the File Handler component. This leads to improper access controls, allowing remote attacks. The product uses a rolling release model for continuous delivery, so specific version details for affected or updated releases are not available.

Recommendations For JeeWMS up to 20250504, consider disabling the dogenerate function of the /generateController.do?dogenerate file as a temporary workaround until a fix is available. Restrict access to the File Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.