A vulnerability, which was classified as problematic , was found in geoserver org.geoserver.web:gs-web-app and org.geoserver.web:gs-web-sec-core up to 2.26.3/2.27.2 . Impacted is an unknown function of the component Web Interface . The manipulation results in file inclusion. This vulnerability is cataloged as CVE-2025-52465 . The attack may be launched remotely. Furthermore, there is an exploit available. You should upgrade the affected component.