Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server’s error reporting.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | orthanc | <= 1.10.1+dfsg-2+deb12u1 | orthanc_1.10.1+dfsg-2+deb12u1_all.deb |
Debian | 11 | all | orthanc | <= 1.9.2+really1.9.1+dfsg-1+deb11u1 | orthanc_1.9.2+really1.9.1+dfsg-1+deb11u1_all.deb |
Debian | 10 | all | orthanc | <= 1.5.6+dfsg-1 | orthanc_1.5.6+dfsg-1_all.deb |
Debian | 999 | all | orthanc | < 1.12.2+dfsg-1 | orthanc_1.12.2+dfsg-1_all.deb |
Debian | 13 | all | orthanc | < 1.12.2+dfsg-1 | orthanc_1.12.2+dfsg-1_all.deb |