CNNVD-202601-3233 Information
Jan 20, 2026
cve
CNNVD ID
CNNVD-202601-3233
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
MedDream PACS Premium是MedDream公司的一款企业级图像存储与管理服务器套件。 MedDream PACS Premium 7.3.6.870版本存在跨站脚本漏洞,该漏洞源于config.php功能中archivedir参数存在反射型跨站脚本漏洞,可能导致执行任意javascript代码。
Description (English)
MedDream PACS Premium is an enterprise-level image storage and management server suite for MedDream. MedDream PACS Premium 7.3.6.870 has a cross-site script loophole, which stems from the reflectivedir parameter in the config.php function and may lead to the implementation of any javascript code.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
MedDream
Published
2026-01-20
Last Modified
2026-02-24
References
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2271
Patch
https://meddream.com/products/meddream-pacs-server/
Share on: