4 matches found
EUVD-2026-35842
OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embedding malicious payloads in DICOM file metadata fields. Attackers can craft a DICOM file with...
CVE-2026-25860 OpenClinic GA 5.351.19 Reflected XSS via DICOM Image Upload Handler
OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embedding malicious payloads in DICOM file metadata fields. Attackers can craft a DICOM file with...
CVE-2026-25860
OpenClinic GA 5.351.19 is affected by a reflected XSS in the DICOM image upload handler. An attacker can embed JavaScript in DICOM metadata (e.g., Study Description) which is reflected in popup.jsp and archiving/uploadfiles_jsp.java during the Upload DICOM images workflow, enabling arbitrary scri...
PT-2021-14789 · Accusoft · Accusoft Imagegear
Name of the Vulnerable Software and Affected Versions: Accusoft ImageGear version 19.9 Description: An integer overflow issue exists in the DICOM parse dicom meta info functionality. A specially crafted malformed file can lead to a stack-based buffer overflow. An attacker can provide a malicious...