This is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is.
Post
RedTeam Pentesting
redteam-pentesting.de
did:plc:phhzupcwv3iro356vj4pdy6b
Red Hat is aware, but they chose not to fix it. They also assigned a low CVSS score 5.5 because it is supposed to be "only exploitable locally" even though many web apps process uploaded documents using Ghostscript:
https://access.redhat.com/security/cve/cve-2025-27835
2025-11-13T08:59:47.483Z