exploitDog

CVE-2025-32731

Опубликовано: 28 июл. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

A reflected cross-site scripting (xss) vulnerability exists in the radiationDoseReport.php functionality of meddream MedDream PACS Premium 7.3.5.860. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.

Ссылки

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2176
Exploit
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2176

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:meddream:pacs_server:7.3.5.860:*:*:*:premium:*:*:*

EPSS

Процентиль: 12%

0.00041

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-mj58-grhx-fvmf

CVSS3: 6.1

github

6 месяцев назад

A reflected cross-site scripting (xss) vulnerability exists in the radiationDoseReport.php functionality of meddream MedDream PACS Premium 7.3.5.860. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.

EPSS

Процентиль: 12%

0.00041

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79