CNNVD-202601-3227 Information
Jan 20, 2026
cve
CNNVD ID
CNNVD-202601-3227
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
MedDream PACS Premium是MedDream公司的一款企业级图像存储与管理服务器套件。 MedDream PACS Premium 7.3.6.870版本存在跨站脚本漏洞,该漏洞源于config.php功能中worklistsrc参数容易受到反射型跨站脚本攻击,可能导致执行任意javascript代码。
Description (English)
MedDream PACS Premium is an enterprise-level image storage and management server suite for MedDream. MedDream PACS Premium 7.3.6.870 has a cross-site script loophole, which stems from the fact that the worklistsrc parameters in the config.php function are vulnerable to reflective cross-site attacks, which may lead to the implementation of arbitrary javascript codes.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
MedDream
Published
2026-01-20
Last Modified
2026-02-24
References
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2271
Patch
https://meddream.com/products/meddream-pacs-server/
Share on: