Security Advisory

CVE-2025-44000

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-20 14:49:39
Last updated 2026-01-21 16:17:07
Assigner talos
State PUBLISHED

Description

A reflected cross-site scripting (xss) vulnerability exists in the sendOruReport functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.