PT-2026-3596 · Unknown · Meddream Pacs Premium
Marcin Icewall
·
Published
2026-01-20
·
Updated
2026-01-20
·
CVE-2025-53854
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
MedDream PACS Premium version 7.3.6.870
Description
A reflected cross-site scripting (xss) issue exists within the
modifyHL7Route functionality. A crafted URL can cause arbitrary javascript code to run. An attacker can provide a malicious URL to trigger this issue.Recommendations
Apply updates to address the issue in MedDream PACS Premium version 7.3.6.870.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Meddream Pacs Premium