XSS in Zoo-project
CVE-2025-25189
The ZOO-Project is an open source processing platform. A reflected Cross-Site Scripting vulnerability exists in the ZOO-Project Web Processing Service (WPS) publish.py CGI script prior to commit 7a5ae1a. The script reflects user input from…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.004 (33.5th percentile) — read the EPSS interpretation.
Affected products
- Zoo-project — versions < 7a5ae1a
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)