Lucene search
+L

4 matches found

osv
osv
•added 2026/01/20 3:17 p.m.•6 views

CVE-2025-54853

A reflected cross-site scripting xss vulnerability exists in the modifyUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

5.4CVSS5.9AI score0.00235EPSS
Exploits1References2
cvelist
cvelist
•added 2026/01/20 2:49 p.m.•19 views

CVE-2025-54853

A reflected cross-site scripting xss vulnerability exists in the modifyUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS0.00235EPSS
Exploits1References1
cve
cve
•added 2026/01/20 2:49 p.m.•15 views

CVE-2025-54853

Talos reports a post-auth reflected cross-site scripting vulnerability in MedDream PACS Premium 7.3.6.870, funcĀ­ tion modifyUser.php, where the user parameter is echoed into HTML without sanitization. A crafted URL can trigger arbitrary JavaScript execution in the MedDream PACS web interface. Aff...

6.1CVSS5.6AI score0.00235EPSS
Exploits1References2Affected Software1
ptsecurity
ptsecurity
•added 2026/01/20 12:0 a.m.•7 views

PT-2026-3604

A reflected cross-site scripting xss vulnerability exists in the modifyUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS5.6AI score0.00235EPSS
Exploits1References2
Rows per page
Query Builder