Orthanc · Orthanc · CVE-2024-22725
**Name of the Vulnerable Software and Affected Versions**
Orthanc versions prior to 1.12.2
**Description**
The issue is a reflected cross-site scripting (XSS) vulnerability. It was present in the server's error reporting.
**Recommendations**
For Orthanc versions prior to 1.12.2, update to version 1.12.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the server's error reporting feature until a patch is applied.