CVE-2022-38765

Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter...

Canon Medical Vitrea View 安全漏洞

Canon Medical Vitrea View is a DICOM network-enabled enterprise viewing solution from Canon Japan. It is used to visualize DICOM and multimedia images. A security vulnerability exists in Canon Medical Vitrea View version 7.7.76.1 that stems from incorrect access control...

Canon Medical Vitrea View Cross-Site Scripting Vulnerability

Canon Medical Vitrea View is a DICOM network-enabled enterprise viewing solution from Canon, Japan. A cross-site scripting vulnerability exists in Canon Medical Vitrea View, which is used to visually display DICOM and multimedia images. An attacker could use this vulnerability to execute arbitrar...

CVE-2022-37461

Multiple cross-site scripting XSS vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via 1 the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the 2 groupID, 3 offset, or 4 limit parameter to a...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via 1 the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the 2 groupID, 3 offset, or 4 limit parameter to a...

CVE-2022-37461

Multiple cross-site scripting XSS vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via 1 the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the 2 groupID, 3 offset, or 4 limit parameter to a...

CVE-2022-37461

Canon Medical Vitrea View is affected: XSS in Vitrea View 7.x before 7.7.6 can be triggered via the error subdirectory path or by parameters (groupID, offset, limit) in the Administrative Panel, potentially allowing access to patient information. Affected versions are 7.x up to 7.7.5; remediation...

Canon Medical Vitrea View 跨站脚本漏洞

Canon Medical Vitrea View is a DICOM network-enabled enterprise viewing solution from Canon, Japan. A cross-site scripting vulnerability exists in Canon Medical Vitrea View, which is used to visually display DICOM and multimedia images. An attacker could use this vulnerability to execute arbitrar...

PT-2022-24013 · Canon Medical · Canon Medical Vitrea View

Name of the Vulnerable Software and Affected Versions: Canon Medical Vitrea View versions 7.x through 7.7.5 Description: Multiple cross-site scripting XSS vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the input after the error subdirectory to the...