CVE-2025-54817
BaseFortify
Publication date: 2026-01-20
Last updated on: 2026-01-29
Assigner: Talos
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| meddream | pacs_server | 7.3.6.870 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a reflected cross-site scripting (XSS) issue in the autoPurge functionality of MedDream PACS Premium version 7.3.6.870. It occurs because the 'purgeby' POST parameter is not properly sanitized before being included in the HTML output. An attacker can send a specially crafted POST request with malicious JavaScript code in the 'purgeby' parameter, which the server then reflects back in its response. This causes the victim's browser to execute the injected script. The vulnerability requires authentication but no special privileges beyond that. [1]
How can this vulnerability impact me?
This vulnerability can allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser when they interact with the vulnerable functionality. This can lead to theft of sensitive information, session hijacking, or performing actions on behalf of the user. Since the vulnerability affects a medical image management system, it could potentially expose sensitive medical data or disrupt user trust. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending a specially crafted POST request to the Pacs/autoPurge.php script with a malicious `purgeby` parameter and observing if the response reflects the injected script. For example, you can use curl to test this: `curl -X POST -d "purgeby=<script>alert(1)</script>" https://[target]/Pacs/autoPurge.php -i`. If the response contains the injected script, the system is vulnerable. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the patch released on December 5, 2025, which fixes the vulnerability by properly sanitizing the `purgeby` parameter. Until the patch is applied, restrict access to the autoPurge functionality to trusted users only, monitor for suspicious POST requests to Pacs/autoPurge.php, and educate users to avoid interacting with untrusted URLs that could trigger this vulnerability. [1]
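The monitoring step above (and the detection answer before it) can be turned into a log check. The following is an added example, not code from MedDream or from this record: it assumes a reverse proxy or WAF log that records the method, path and form body of each request, and flags POSTs to Pacs/autoPurge.php whose `purgeby` value carries HTML or script metacharacters, decoding percent-encoding repeatedly so double-encoded values are not missed. The sample records are constructed.

```python
"""Flag POST requests to the MedDream autoPurge endpoint whose ``purgeby``
parameter contains HTML/script metacharacters (reflected XSS attempts)."""
import re
from urllib.parse import parse_qs, unquote_plus

# Constructed sample records in the shape (method, path, form body), as a
# reverse proxy or WAF might log them. Not real traffic.
SAMPLE_REQUESTS = [
    ("POST", "/Pacs/autoPurge.php", "purgeby=study_date&days=30"),
    ("POST", "/Pacs/autoPurge.php", "purgeby=%3Cscript%3Ealert%281%29%3C%2Fscript%3E"),
    ("POST", "/Pacs/autoPurge.php", "purgeby=x%22%20onmouseover%3Dalert%281%29%20y"),
    ("POST", "/Pacs/autoPurge.php",
     "purgeby=%253Cimg%2520src%3Dx%2520onerror%3Dalert%281%29%253E"),  # double-encoded
    ("GET", "/Pacs/viewer.php", "study=1"),
    ("POST", "/Pacs/autoPurge.php", "days=7"),
]

# Heuristic: a legitimate purge key never needs tag delimiters, quotes,
# a javascript: URL or an on*= event-handler attribute.
SUSPICIOUS = re.compile(r"""[<>"']|javascript:|(?:^|[\s"'/])on\w+\s*=""",
                        re.IGNORECASE)


def fully_decode(value, rounds=3):
    """Undo up to ``rounds`` layers of percent-encoding (evasion by double
    encoding is common), stopping early once the value is stable."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def flagged_purgeby(method, path, body):
    """Return the decoded purgeby value if the request looks like an XSS
    attempt against autoPurge.php, otherwise None."""
    if method.upper() != "POST" or not path.lower().endswith("/pacs/autopurge.php"):
        return None
    for raw in parse_qs(body, keep_blank_values=True).get("purgeby", []):
        value = fully_decode(raw)  # parse_qs already removed one layer
        if SUSPICIOUS.search(value):
            return value
    return None


def scan(records):
    """Return (record index, decoded purgeby) for every flagged record."""
    return [(i, v) for i, (m, p, b) in enumerate(records)
            if (v := flagged_purgeby(m, p, b)) is not None]
```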