CVE-2025-58092
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This vulnerability affects the phpexe parameter.
Vendor
Product
CWE
Yayın Tarihi
2026-01-20 15:17:04
Güncelleme
2026-01-29 14:58:36
Source Identifier
talos-cna@cisco.com
KEV Date Added
-