CVE-2025-54814 identifies a reflected cross-site scripting (XSS) vulnerability in MedDream PACS Premium version 7.3.6.870, a medical imaging software widely used for managing and viewing medical images. The vulnerability exists in the modifyAutopurgeFilter functionality, where user-supplied input is improperly neutralized during web page generation, allowing an attacker to inject arbitrary JavaScript code. This occurs when a maliciously crafted URL is sent to a victim, and upon clicking, the injected script executes in the context of the victim's browser session. The vulnerability is classified under CWE-79, indicating improper input sanitization. The CVSS 3.1 base score of 6.1 reflects that the attack vector is network-based (AV:N), requires no privileges (PR:N), but does require user interaction (UI:R). The scope is changed (S:C), meaning the vulnerability can affect resources beyond the vulnerable component. The impact on confidentiality and integrity is low (C:L, I:L), with no impact on availability (A:N). Although no known exploits are reported in the wild, the vulnerability poses a risk of session hijacking, credential theft, or unauthorized actions performed in the victim's browser session. The lack of a patch link suggests that a fix may not yet be publicly available, emphasizing the need for proactive mitigation. Given the critical nature of healthcare data and the reliance on PACS systems, exploitation could lead to unauthorized access to sensitive patient information or disruption of clinical workflows.

For European organizations, particularly healthcare providers using MedDream PACS Premium, this vulnerability could lead to unauthorized disclosure of sensitive patient data through session hijacking or theft of authentication tokens. The reflected XSS could be leveraged to perform phishing attacks or deliver malware payloads within trusted environments, undermining user trust and potentially violating GDPR requirements for data protection. Although the vulnerability does not directly impact system availability, the integrity and confidentiality risks are significant in a healthcare context where data accuracy and privacy are paramount. Exploitation could disrupt clinical decision-making or lead to compliance penalties. The requirement for user interaction somewhat limits the attack surface but does not eliminate risk, especially in environments where users may be targeted via spear-phishing. The medium severity rating reflects these considerations but does not diminish the importance of timely remediation in a sector handling critical health information.

1. Monitor MedDream vendor communications closely and apply security patches promptly once available. 2. Implement strict input validation and output encoding on all web application inputs, especially those related to the modifyAutopurgeFilter functionality, to neutralize malicious scripts. 3. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers. 4. Conduct user awareness training focused on recognizing and avoiding phishing attempts involving suspicious URLs. 5. Limit exposure of the PACS web interface to trusted networks or VPN access only, reducing the attack surface. 6. Utilize web application firewalls (WAFs) with rules designed to detect and block reflected XSS payloads targeting known vulnerable endpoints. 7. Regularly audit and monitor web server logs for unusual URL patterns or repeated access attempts to the vulnerable functionality. 8. Consider multi-factor authentication (MFA) to reduce the impact of stolen session tokens or credentials. 9. Engage in penetration testing and code reviews to identify and remediate similar input validation issues proactively.