CNNVD-202509-4362 Information

CNNVD ID

CNNVD-202509-4362

Related CVE

CVE-2025-35034

• CNNVD Published: 2025-09-29

Description (Chinese)

Medical Informatics Engineering Enterprise Health是美国Medical Informatics Engineering公司的一个医疗健康解决方案。 Medical Informatics Engineering Enterprise Health存在安全漏洞，该漏洞源于portlet_user_id URL参数存在反射型跨站脚本，可能导致执行任意JavaScript。

Description (English)

Medical Intimacy Engineering Enterprise Health is a medical health solution for the American company Medicifics Engineering. There is a security loophole in the Medical Engineering Enterprise Health, which stems from the reflector-type cross-site script of the portlet user id URL parameter, which could lead to the execution of any JavaScript.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Medical Informatics Engineering

Published

2025-09-29

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-272-01.json https://www.cve.org/CVERecord?id=CVE-2025-35034