2 matches found
CVE-2023-7238 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Orthanc Osimis DICOM Web Viewer
A XSS payload can be uploaded as a DICOM study and when a user tries to view the infected study inside the Osimis WebViewer the XSS vulnerability gets triggered. If exploited, the attacker will be able to execute arbitrary JavaScript code inside the victim's browser...
Orthanc Osimis DICOM Web Viewer
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Orthanc Equipment : Osimis Web Viewer Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary...