Vulnerability Details CVE-2025-28860
Cross-Site Request Forgery (CSRF) vulnerability in PPDPurveyor Google News Editors Picks Feed Generator google-news-editors-picks-news-feeds allows Stored XSS.This issue affects Google News Editors Picks Feed Generator: from n/a through <= 2.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.4%
CVSS Severity
CVSS v3 Score 7.1
Products affected by CVE-2025-28860
-
cpe:2.3:a:ppdpurveyor:google_news_editors_picks_feed_generator:*