CVE-2025-27447 — The web application is susceptible to cross-site-scripting attacks. An attacker can create a prepared URL, which injects JavaScript code into the website. The code is executed in the victim’s browse — CVE Database · The Intelligence Room