CVE-2025-58094 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malici…
Medium CVSS: 6.1

CVE-2025-58094

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This vulnerability affects the worklistsrc parameter.
Vendor
Meddream
Product
Pacs Server
CWE
CWE-79
Yayın Tarihi
2026-01-20 15:17:05
Güncelleme
2026-01-29 15:11:24
Source Identifier
talos-cna@cisco.com
KEV Date Added
-

Kategoriler

CWE-79 Pacs Server MEDIUM Meddream 2026

Referanslar

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2271