EPSS
Percentile
76.4%
An XML external entity (XXE) injection in PyWPS before 4.5.0 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected.
github.com/advisories/GHSA-p9wf-3xpg-c9g5
github.com/geopython/OWSLib/issues/790
github.com/geopython/pywps/pull/616