CVE-2025-25189 | ZOO-Project Web Processing Service publish.py jobid cross site scripting (GHSA-pw7m-p9q7-357p)

Inserito da Angelo Barbosa | Feb 10, 2025 | CVE

A vulnerability was found in ZOO-Project and classified as problematic. This issue affects some unknown processing of the file publish.py of the component Web Processing Service. The manipulation of the argument jobid leads to cross site scripting.

The identification of this vulnerability is CVE-2025-25189. The attack may be initiated remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-25189 | ZOO-Project Web Processing Service publish.py jobid cross site scripting (GHSA-pw7m-p9q7-357p)

Post correlati

CVE-2024-27684 | D-Link GORTAC750 A1 101b03 dlapn.cgi url cross site scripting

CVE-2024-25218 | Task Manager App 1.0 Projects.php Project Name cross site scripting

CVE-2024-2932 | SourceCodester Online Chatting System 1.0 admin/update_room.php id sql injection

CVE-2024-28344 | Sipwise C5 NGCP Dashboard up to mr11.5.0 URL back redirect