CVE-2025-57786
CVE-2025-57786 is a post-authenticated, reflected XSS in MedDream PACS Premium 7.3.6.870, specifically in the Pacs/notifynewstudy.php script where the value of the user parameter is written into HTML output without sanitization. Talos details confirm the vulnerability can trigger arbitrary JavaSc...