CNNVD-202601-3231 Information
CNNVD ID
CNNVD-202601-3231
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
MedDream PACS Premium是MedDream公司的一款企业级图像存储与管理服务器套件。 MedDream PACS Premium 7.3.6.870版本存在跨站脚本漏洞,该漏洞源于config.php功能中longtermdir参数容易受到反射型跨站脚本攻击,可能导致执行任意javascript代码。
Description (English)
MedDream PACS Premium is an enterprise-level image storage and management server suite for MedDream. MedDream PACS Premium 7.3.6.870 has a cross-site script loophole, which stems from the fact that the longtermmdir parameters in the config.php function are vulnerable to reflective cross-station script attacks and may result in the implementation of arbitrary javascript codes.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
MedDream
Published
2026-01-20
Last Modified
2026-02-24
References
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2271 https://access.redhat.com/security/cve/cve-2025-58089
Patch
https://meddream.com/products/meddream-pacs-server/
Share on: