mapfish/mapfish-print

mapfish/mapfish-print

mapfish.github.io

Releases263

Frequency2 weeks 6 days

Last Release 13 days ago

Stars196

A component of MapFish for printing templated cartographic maps. This module is the Java serverside module.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-44672 ↗	May 28, 2026Thursday, 28 May 2026, 16:16	—	—
mapfish-print is a component of MapFish for printing templated cartographic maps. From 3.23.0 to before 3.28.28, 3.30.30, 3.31.22, 3.33.14, and 4.0.3, the attacker can execute arbitrary code in Dynamic table without being authenticated. This vulnerability is fixed in 3.28.28, 3.30.30, 3.31.22, 3.33.14, and 4.0.3.
CVE-2020-15231 ↗	Oct 2, 2020Friday, 2 October 2020, 20:15	9.3 CRITICAL	4.3 MEDIUM
In mapfish-print before version 3.24, a user can use the JSONP support to do a Cross-site scripting.
CVE-2020-15232 ↗	Oct 2, 2020Friday, 2 October 2020, 20:15	9.3 CRITICAL	6.4 MEDIUM
In mapfish-print before version 3.24, a user can do to an XML External Entity (XXE) attack with the provided SDL style.