CNNVD-202601-3235 Information

CNNVD ID

CNNVD-202601-3235

Related CVE

CVE-2025-58080

• CNNVD Published: 2026-01-20

Description (Chinese)

MedDream PACS Premium是MedDream公司的一款企业级图像存储与管理服务器套件。 MedDream PACS Premium 7.3.6.870版本存在安全漏洞，该漏洞源于modifyHL7App功能存在反射型跨站脚本漏洞，可能导致执行任意javascript代码。

Description (English)

MedDream PACS Premium is an enterprise-level image storage and management server suite for MedDream. MedDream PACS Premium 7.3.6.870 contains a security loophole, which stems from the reflective cross-site script gap in the ModivyHL7App function, which may lead to the implementation of any javascript code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

MedDream

Published

2026-01-20

Last Modified

2026-02-24

References

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2264 https://access.redhat.com/security/cve/cve-2025-58080

Patch

https://meddream.com/products/meddream-pacs-server/