CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-27447

The web application is susceptible to cross-site-scripting attacks. An attacker can create a prepared URL, which injects JavaScript code into the website. The code is executed in the victimâ€™s browser when an authenticated administrator clicks the link.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.2%

CVSS Severity

CVSS v3 Score 7.4

References

https://sick.com/psirt
https://sick.com/psirt
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
https://www.endress.com
https://www.first.org/cvss/calculator/3.1
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0008.json
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0008.pdf

Products affected by CVE-2025-27447

Endress » Meac300-Fnade4 » Version: N/A

cpe:2.3:h:endress:meac300-fnade4:-
Endress » Meac300-Fnade4 Firmware » Version: Any

cpe:2.3:o:endress:meac300-fnade4_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-27447

Products

Pricing

Contact Us