4 matches found
CVE-2025-54853
A reflected cross-site scripting xss vulnerability exists in the modifyUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...
CVE-2025-54853
A reflected cross-site scripting xss vulnerability exists in the modifyUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...
CVE-2025-54853
Talos reports a post-auth reflected cross-site scripting vulnerability in MedDream PACS Premium 7.3.6.870, funcĀ tion modifyUser.php, where the user parameter is echoed into HTML without sanitization. A crafted URL can trigger arbitrary JavaScript execution in the MedDream PACS web interface. Aff...
PT-2026-3604
A reflected cross-site scripting xss vulnerability exists in the modifyUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...