CVE-2025-54157

Name of the Vulnerable Software and Affected Versions MedDream PACS Premium version 7.3.6.870

Description A reflected cross-site scripting (xss) issue exists within the encapsulatedDoc functionality. A crafted URL can result in arbitrary javascript code execution. An attacker can provide a malicious URL to trigger this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.