4 matches found
CVE-2025-46270
A reflected cross-site scripting xss vulnerability exists in the fetchPriorStudies functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...
CVE-2025-46270
A reflected cross-site scripting xss vulnerability exists in the fetchPriorStudies functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...
CVE-2025-46270
Talos reports MedDream PACS Premium 7.3.6.870 contains a post-authenticated reflected XSS in Pacs/fetchPriorStudies.php, triggered by a crafted uid URL parameter. The vulnerability can cause arbitrary JavaScript execution in the attacker’s browser when the vulnerable page outputs unsanitized uid ...
MedDream PACS Premium security vulnerability
MedDream PACS Premium is an enterprise-level image storage and management server suite developed by MedDream Corporation. Version 7.3.6.870 of MedDream PACS Premium contains a security vulnerability caused by a reflective cross-site scripting vulnerability in the fetchPriorStudies function, which...