CNNVD-202508-2062 Information
CNNVD ID
CNNVD-202508-2062
Related CVE
- CNNVD Published: 2025-08-18
Description (Chinese)
Santesoft Sante PACS Server是塞浦路斯Santesoft公司的一个符合 DICOM 3.0 的PACS 服务器、Modality Worklist 服务器、 用于 DICOM 文件的 HTTP(Web)服务器以及 CD/DVD 刻录和打印服务器。用于存储、存档、管理、查看和刻录医学图像。 Santesoft Sante PACS Server存在跨站脚本漏洞,该漏洞源于存储型跨站脚本漏洞,可能导致重定向和窃取用户cookie。
Description (English)
Santesoft Sante PACS Server is a DICOM 3.0-compliant PACS server, Modality Worklist server, HTTP (Web) server for DICOM files, and CD/DVD writer and printing server for Santesoft, Cyprus. To store, archive, manage, view and burn medical images. Santesoft Sante PACS Server has a cross-site script loophole, which originates in a storage-type cross-site script loophole, which may lead to redirection and the theft of the user cookies.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
Santesoft
Published
2025-08-18
Last Modified
2026-02-24
References
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-224-01 https://nvd.nist.gov/vuln/detail/CVE-2025-54759
Patch
https://santesoft.com/win/sante-pacs-server/download.html
Share on: