2 matches found
CVE-2022-37461
Multiple cross-site scripting XSS vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via 1 the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the 2 groupID, 3 offset, or 4 limit parameter to a...
CVE-2022-37461
Canon Medical Vitrea View is affected: XSS in Vitrea View 7.x before 7.7.6 can be triggered via the error subdirectory path or by parameters (groupID, offset, limit) in the Administrative Panel, potentially allowing access to patient information. Affected versions are 7.x up to 7.7.5; remediation...