PT-2026-3602 · Unknown · Meddream Pacs Premium
Marcin Icewall
·
Published
2026-01-20
·
Updated
2026-01-20
·
CVE-2025-54817
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
MedDream PACS Premium version 7.3.6.870
Description
A reflected cross-site scripting (xss) issue exists within the autoPurge functionality. A crafted malicious URL can result in arbitrary javascript code execution. An attacker could provide a URL to a malicious website to trigger this issue.
Recommendations
Apply updates to address the issue in MedDream PACS Premium version 7.3.6.870.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Meddream Pacs Premium