CVE-2025-55071

6.1 MEDIUM

📋 TL;DR

A reflected cross-site scripting (XSS) vulnerability in the modifyAnonymize functionality of MedDream PACS Premium 7.3.6.870 lets an attacker run arbitrary JavaScript in a victim's browser, in the origin of the PACS web interface, by getting the victim to open a crafted URL. Healthcare organizations running this version for medical imaging are affected. Because the script executes inside the victim's browser session, an attacker can steal the session cookie (if it is not marked HttpOnly), act on the victim's behalf against the PACS, or redirect the victim to a phishing page.

💻 Affected Systems

Products:
  • MedDream PACS Premium
Versions: 7.3.6.870
Operating Systems: All platforms running MedDream PACS Premium (the flaw is in the web application, not in any OS component)
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability is in the modifyAnonymize functionality and requires user interaction via crafted URLs.

📦 What is this software?

MedDream PACS Premium is a picture archiving and communication system (PACS) that healthcare organizations use to store, retrieve, and view medical imaging studies through a web interface. The affected modifyAnonymize functionality is part of that web interface.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An administrator opens the crafted link. The injected script steals the administrator's session cookie (if it is not HttpOnly) or simply drives the administrator's authenticated session from inside the browser, giving the attacker full access to the PACS: patient medical records can be exfiltrated and imaging metadata or anonymization settings modified.

🟠 Likely Case

A regular user opens the crafted link. The attacker reuses that user's session to read patient data, serves a convincing phishing page in the PACS origin to harvest credentials, or redirects the user to a malicious site.

🟢 If Mitigated

Output encoding of the reflected value (the vendor-side fix) removes the vulnerability. Until then, a WAF with XSS rules blocks common payloads but not every bypass, and HttpOnly/SameSite session cookies plus a Content Security Policy reduce what a successful injection can do.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The attacker needs no account on the PACS; the victim must open the crafted link, delivered by phishing e-mail, a malicious or compromised website, or a message. The impact depends on who clicks: an authenticated user hands over whatever their session can do, while a logged-out user gives the attacker little more than a redirect or a phishing page.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Monitor the MedDream vendor for security updates.
2. Apply the patch when released.
3. Test in a non-production environment first.
4. Restart services if required by the patch.

🔧 Temporary Workarounds

Implement Web Application Firewall (WAF) (platform: all)

Deploy a WAF with XSS rules in front of the MedDream web interface and, if the rule set allows it, tighten the rules for requests to modifyAnonymize. Treat this as a partial mitigation: signature-based rules are bypassed by encoded, split, or attribute-based payloads (for example an injected event handler that contains no script tag), so pair the WAF with HttpOnly/SameSite session cookies and a Content Security Policy where the deployment permits.

Input Validation and Output Encoding (platform: all)

This is the vendor-side fix: every value reflected by the modifyAnonymize functionality must be encoded for the HTML context it lands in (text, attribute, or script), with server-side validation of expected formats as a second layer. Operators cannot change the vendor code, so until a patch ships the practical equivalents are the WAF above and the access restrictions below.

🧯 If You Can't Patch

  • Restrict access to the MedDream web interface to trusted networks (VPN or internal segments). This shrinks the set of users who can be targeted but does not protect an internal user who opens a crafted link.
  • Educate users about phishing and about unexpected links that point at the PACS host, since the attack relies on a user opening such a link.

🔍 How to Verify

Check if Vulnerable:

Test by sending a benign marker in the modifyAnonymize URL parameters (for example a string that closes an attribute and opens a harmless tag, such as "><xsstest>) and inspecting the raw HTTP response: if the marker comes back unencoded, the page is vulnerable; if it comes back entity-encoded (&quot;&gt;&lt;xsstest&gt;) or not at all, the reflection is neutralised or blocked. Prefer a harmless marker over a live alert() payload, test only systems you are authorized to test, and use a non-production instance where possible.

Check Version:

Check MedDream PACS version in application interface or configuration files.

Verify Fix Applied:

After applying fixes, retest with same payloads to ensure they are properly sanitized or blocked.
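The following is an added example, not MedDream code and not from the vendor; it illustrates the encoding fix described under Temporary Workarounds and the verification step above. The parameter name "name", the page markup, and the host pacs.example.test are assumptions, since the advisory names only the modifyAnonymize functionality. It shows the bug class (reflecting a query parameter into HTML unencoded), the corrected rendering, and a checker that classifies how a probe marker comes back in a response body. It also demonstrates why filtering on "<script>" alone is not enough: an attribute-breakout payload with an event handler contains no script tag.

```python
import html
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumptions: "name" is a hypothetical parameter and PAGE a hypothetical
# fragment; the advisory only names the modifyAnonymize functionality.
PARAM = "name"
PAGE = '<form action="modifyAnonymize"><input name="{p}" value="{v}"></form>'

# Benign probe: closes the value attribute and injects a harmless tag if reflected raw.
MARKER = '"><xsstest>'
# Attribute-breakout payload with no "<script>" in it; a naive script-tag filter misses it.
EVENT_PAYLOAD = '" onmouseover="alert(1)'


def probe_url(value: str, base: str = "https://pacs.example.test/modifyAnonymize") -> str:
    """Build a crafted URL carrying the probe in the query string (hypothetical host)."""
    return base + "?" + urlencode({PARAM: value})


def _param(url: str) -> str:
    """Extract the (URL-decoded) parameter value the way a server would see it."""
    return parse_qs(urlsplit(url).query).get(PARAM, [""])[0]


def render_vulnerable(url: str) -> str:
    """The bug class: reflect the parameter into HTML with no output encoding."""
    return PAGE.format(p=PARAM, v=_param(url))


def render_fixed(url: str) -> str:
    """The fix: entity-encode the value for the HTML attribute context it lands in."""
    return PAGE.format(p=PARAM, v=html.escape(_param(url), quote=True))


def check_reflection(body: str, marker: str = MARKER) -> str:
    """Verification step: classify how the probe marker comes back in a response body."""
    if marker in body:
        return "raw"        # reflected verbatim: exploitable
    if html.escape(marker, quote=True) in body:
        return "encoded"    # reflected but neutralised
    return "absent"         # dropped or blocked (e.g. by a WAF)


if __name__ == "__main__":
    url = probe_url(MARKER)
    print("vulnerable render:", check_reflection(render_vulnerable(url)))
    print("fixed render:     ", check_reflection(render_fixed(url)))
    ev = probe_url(EVENT_PAYLOAD)
    print("event handler survives unencoded:", ' onmouseover="' in render_vulnerable(ev))
    print("event handler survives encoded:  ", ' onmouseover="' in render_fixed(ev))
```

In practice you would fetch the real modifyAnonymize page with the probe URL (for example with curl) and pass the response body to check_reflection; "raw" means vulnerable, "encoded" means the fix is in place, and "absent" usually means a WAF or the application dropped the value, which is worth confirming separately because the underlying reflection may still exist.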

📡 Detection & Monitoring

Log Indicators:

  • Requests to modifyAnonymize whose query string (after URL decoding) contains script tags, javascript: URIs, or HTML event-handler attributes such as onmouseover=
  • Activity in an existing session from a new client IP or User-Agent shortly after that session requested a crafted modifyAnonymize URL (possible reuse of a stolen cookie)

Network Indicators:

  • HTTP requests to modifyAnonymize endpoints with suspicious or heavily URL-encoded parameters, especially from Referers outside the organization
  • Outbound connections from users' browsers to unknown domains immediately after loading a crafted URL (the injected script exfiltrating cookies or data); web proxy logs are the place to look

SIEM Query:

source="web_server" AND uri="*modifyAnonymize*" AND (param="*<script>*" OR param="*javascript:*")

Note that this query matches only literal, unencoded payloads. Browsers send the query string URL-encoded (for example %3Cscript%3E), and attribute-based payloads contain no script tag at all, so decode the URI before matching and also match on event-handler attributes.
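The following is an added example, not part of the original page or of MedDream, showing the decoding caveat above as a detection run over constructed web-server log lines (Combined Log Format; the lines, addresses, and parameter names are made up for the example). It URL-decodes the query string repeatedly, which catches the double-encoded payload that the literal SIEM query would miss, restricts matching to the modifyAnonymize path, and flags script tags, javascript: URIs, and event-handler attributes.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed sample access-log lines (Combined Log Format), not real MedDream logs.
# Line 1: single-encoded <script>; line 2: double-encoded attribute breakout with
# an event handler; line 3: benign request; line 4: suspicious but a different path.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Mar/2025:09:12:01 +0000] "GET /modifyAnonymize?name=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.6 - - [10/Mar/2025:09:12:07 +0000] "GET /modifyAnonymize?name=%2522%2520onmouseover%253Dalert(1) HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.7 - - [10/Mar/2025:09:13:00 +0000] "GET /modifyAnonymize?name=Study%20A HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.8 - - [10/Mar/2025:09:14:00 +0000] "GET /viewer?study=%3Cscript%3E HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# Combined Log Format: client IP, identity, user, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)

# Indicators: dangerous tags, javascript: URIs, and HTML event-handler attributes.
XSS_RE = re.compile(
    r"<\s*(script|img|svg|iframe|body)\b|javascript\s*:|\bon[a-z]+\s*=",
    re.IGNORECASE,
)


def decode_fully(s: str, max_rounds: int = 3) -> str:
    """URL-decode until the string stops changing (catches double encoding)."""
    for _ in range(max_rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def scan(log_text: str) -> list:
    """Return one record per modifyAnonymize request carrying an XSS indicator."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("uri"))
        if "modifyanonymize" not in parts.path.lower():
            continue
        query = decode_fully(parts.query)
        x = XSS_RE.search(query)
        if x:
            hits.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "indicator": x.group(0),
                "query": query,
            })
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit["ts"], hit["ip"], "->", hit["indicator"], "|", hit["query"])
```

Running scan over the sample flags the two attacks (including the double-encoded one) and ignores the benign request and the request to a different path; feeding it a real access log means pointing it at the web server's log file and, for a reverse proxy or WAF log, adjusting LOG_RE to that format.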
