CVE-2025-27954 – Apache Clinical Collaboration Platform Cross-Site Scripting (XSS) and Remote Code Execution

CVE ID : CVE-2025-27954

Published : June 2, 2025, 6:15 p.m. | 2 hours, 11 minutes ago

Description : An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the usertoken function of default.aspx.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…