CVE-2025-54862

Medium CVSS: 4.8

Sante PACS Server web portal is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirecting a user to a malicious webpage and stealing the user's cookie.

Vendor

Santesoft

Product

Sante Pacs Server

CWE

CWE-79

Yayın Tarihi

2025-08-18 22:15:28

Güncelleme

2025-10-17 17:01:15

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

Kategoriler

CWE-79 Sante Pacs Server MEDIUM Santesoft 2025

Referanslar

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-224-01

Benzer Kayıtlar

High

CVE-2026-2034

Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows r…

High

CVE-2025-53948

The Sante PACS Server allows a remote attacker to crash the main thread by sending a crafted HL7 message, causing a deni…

Critical

CVE-2025-54156

The Sante PACS Server Web Portal sends credential information without encryption.

Medium

CVE-2025-54759

Sante PACS Server is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirectin…

High

CVE-2025-5481

Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allo…

High

CVE-2025-5307

Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability. A local attacker could exploit this issue t…