CVE-2025-54862 is a medium-severity vulnerability classified under CWE-79, which corresponds to improper neutralization of input during web page generation, commonly known as Cross-site Scripting (XSS). This vulnerability affects the Sante PACS Server web portal, a product by Santesoft used for managing and storing medical imaging data. The vulnerability is a stored XSS flaw, meaning that malicious HTML or script code injected by an attacker is persistently stored on the server and subsequently served to other users when they access the affected web pages. Specifically, an attacker can inject malicious HTML code that could redirect users to malicious websites and steal their cookies, potentially leading to session hijacking or unauthorized access to sensitive information. The CVSS 4.0 base score is 4.8, indicating a medium severity level. The vector string (AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N) shows that the attack can be performed remotely over the network with low attack complexity, requires low privileges, and user interaction is needed. The impact on confidentiality and integrity is low to limited, with no impact on availability. The vulnerability does not require authentication but does require user interaction (e.g., the victim must visit a maliciously crafted page). No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability was published on August 18, 2025, and reserved on August 5, 2025. Stored XSS in a healthcare PACS system is particularly concerning because it can be used to compromise user sessions, potentially exposing sensitive patient data or enabling further attacks within the healthcare environment.

For European organizations, especially healthcare providers and medical institutions using the Sante PACS Server, this vulnerability poses a significant risk to patient data confidentiality and system integrity. Exploitation could lead to unauthorized access to user sessions, enabling attackers to impersonate legitimate users, access sensitive medical images, or manipulate data. This could result in privacy violations under GDPR, legal liabilities, and reputational damage. Additionally, redirecting users to malicious sites could facilitate further malware infections or phishing attacks targeting healthcare staff. Although the vulnerability does not directly impact system availability, the indirect consequences of compromised credentials and data leakage could disrupt healthcare operations. The requirement for user interaction means that social engineering or phishing campaigns could be used to trigger the exploit, increasing the risk in environments where users may not be fully trained on cybersecurity best practices. Given the critical nature of healthcare data and the regulatory environment in Europe, even a medium-severity XSS vulnerability warrants prompt attention.

1. Immediate mitigation should include implementing strict input validation and output encoding on all user-supplied data within the Sante PACS Server web portal to prevent injection of malicious scripts. 2. Deploy Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts and reduce the impact of any injected code. 3. Conduct user awareness training focused on recognizing phishing attempts and suspicious links to reduce the likelihood of successful user interaction exploitation. 4. Monitor web server logs and application behavior for unusual activities indicative of XSS exploitation attempts. 5. If possible, isolate the PACS web portal behind additional security layers such as web application firewalls (WAF) configured to detect and block XSS payloads. 6. Coordinate with Santesoft for timely patch releases and apply updates as soon as they become available. 7. Implement multi-factor authentication (MFA) for user access to the PACS portal to mitigate session hijacking risks. 8. Regularly audit and review web application security posture, including penetration testing focused on XSS and other injection vulnerabilities.