CVE-2025-54778
BaseFortify

Publication date: 2026-01-20

Last updated on: 2026-01-29

Assigner: Talos

Description
A reflected cross-site scripting (XSS) vulnerability exists in the existingUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary JavaScript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
Meta Information
Published: 2026-01-20
Last Modified: 2026-01-29
Generated: 2026-05-07
AI Q&A: 2026-01-20
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: meddream
Product: pacs_server
Version / Range: 7.3.6.870
CWE
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-54778 is a reflected cross-site scripting (XSS) vulnerability in the existingUser functionality of MedDream PACS Premium version 7.3.6.870. It occurs because the application takes the 'external' parameter from the URL query string without proper sanitization and directly inserts it into the HTML output. This allows an attacker to craft a malicious URL that, when visited by an authenticated user, executes arbitrary JavaScript code in the user's browser. [1]


How can this vulnerability impact me?

This vulnerability can allow an attacker to execute arbitrary JavaScript code in the context of an authenticated user's browser. This can lead to theft of sensitive information, session hijacking, or performing actions on behalf of the user within the MedDream PACS application. Since the vulnerability requires user interaction (clicking a crafted URL), it can be exploited through phishing or social engineering attacks. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by testing the existingUser functionality, specifically the Pacs/existingUser.php script, for reflected cross-site scripting via the 'external' URL parameter. You can craft a URL with a script tag injected into the 'external' parameter and observe if the JavaScript executes in the browser. For example, use curl or wget to send a request with a malicious payload in the 'external' parameter and check the response for unsanitized script tags. Example command: curl -i 'http://target/Pacs/existingUser.php?external=<script>alert(1)</script>' and inspect the response for the injected script. Additionally, web vulnerability scanners that test for reflected XSS can be used against this endpoint. [1]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to apply the vendor-released patch that addresses this vulnerability, which was made available on December 5, 2025. Until the patch is applied, restrict access to the affected functionality to trusted users only, and educate users to avoid clicking on suspicious or untrusted URLs containing the 'external' parameter. Implement web application firewall (WAF) rules to detect and block malicious payloads targeting the 'external' parameter in the existingUser functionality. [1]
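The detection and WAF advice above both come down to watching the 'external' parameter of Pacs/existingUser.php for markup or script-scheme content. The following is an added example for this record, not code from MedDream, Talos or BaseFortify: it scans constructed Combined Log Format access-log lines for requests to that endpoint whose decoded 'external' value contains tags, a javascript: scheme or inline event handlers. The marker patterns are a heuristic starting point, not a complete XSS grammar.

```python
"""Flag access-log entries that look like reflected-XSS attempts against the
'external' parameter of Pacs/existingUser.php (CVE-2025-54778).

Added example, not vendor or Talos code. The log lines are constructed
sample data in Combined Log Format; the SUSPICIOUS pattern is a heuristic.
"""
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample traffic (not real logs).
SAMPLE_LOG = """\
10.0.0.5 - - [20/Jan/2026:10:01:02 +0000] "GET /Pacs/existingUser.php?external=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.7 - - [20/Jan/2026:10:01:09 +0000] "GET /Pacs/existingUser.php?external=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 640 "-" "Mozilla/5.0"
10.0.0.9 - - [20/Jan/2026:10:02:11 +0000] "GET /Pacs/index.php?q=%3Cscript%3E HTTP/1.1" 200 300 "-" "curl/8.0"
10.0.0.7 - - [20/Jan/2026:10:03:30 +0000] "GET /Pacs/existingUser.php?external=javascript%3Aalert%281%29 HTTP/1.1" 200 640 "-" "Mozilla/5.0"
"""

# Client IP, timestamp, method and request target from a Combined Log Format line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*"'
)
TARGET_PATH = "/pacs/existinguser.php"
# Opening/closing tag, javascript: scheme, or an on*= event-handler attribute.
SUSPICIOUS = re.compile(r"<\s*/?\s*[a-z]|javascript\s*:|\bon[a-z]+\s*=", re.IGNORECASE)


def inspect_line(line):
    """Return (ip, timestamp, decoded_external) when the line targets the
    existingUser endpoint with a suspicious 'external' value, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if parts.path.lower() != TARGET_PATH:
        return None
    for raw in parse_qs(parts.query, keep_blank_values=True).get("external", []):
        decoded = unquote(unquote(raw))  # second pass catches %253C-style double encoding
        if SUSPICIOUS.search(decoded):
            return (m.group("ip"), m.group("ts"), decoded)
    return None


def scan_log(text):
    """Return all suspicious hits, in log order."""
    return [hit for hit in map(inspect_line, text.splitlines()) if hit]


if __name__ == "__main__":
    for ip, ts, payload in scan_log(SAMPLE_LOG):
        print(f"{ts} {ip} suspicious external={payload!r}")
```

The same path and parameter check, minus the log parsing, is what a WAF rule for this endpoint would express.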


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The provided resources do not specify how this reflected XSS vulnerability in MedDream PACS Premium affects compliance with standards such as GDPR or HIPAA.

