Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This vulnerability affects the status parameter.
https://blog.talosintelligence.com/foxi-and-epic-games/
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2271