
CVE-2025-57787: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in MedDream MedDream PACS Premium

Severity: Medium
Published: Tue Jan 20 2026 (01/20/2026, 14:49:46 UTC)
Source: CVE Database V5
Vendor/Project: MedDream
Product: MedDream PACS Premium

Description

CVE-2025-57787 is a reflected cross-site scripting (XSS) vulnerability in MedDream PACS Premium version 7.3.6.870, specifically in the modifyRoute functionality. An attacker can craft a malicious URL that, when visited by a user, executes arbitrary JavaScript code in the context of the victim's browser. This vulnerability requires user interaction (clicking the malicious link) but does not require authentication. The CVSS score is 6.1 (medium severity), reflecting limited confidentiality and integrity impact but no availability impact. No known exploits are currently reported in the wild. European healthcare organizations using this PACS software are at risk of targeted phishing or social engineering attacks leveraging this vulnerability.

AI-Powered Analysis

Last updated: 01/27/2026, 20:11:12 UTC

Technical Analysis

CVE-2025-57787 identifies a reflected cross-site scripting (XSS) vulnerability in MedDream PACS Premium version 7.3.6.870, a medical imaging software widely used for managing and viewing medical images. The vulnerability resides in the modifyRoute functionality, where user-supplied input is improperly neutralized during web page generation, allowing injection of malicious JavaScript code. When a victim clicks on a specially crafted URL containing the malicious payload, the script executes in their browser context, potentially stealing session cookies, performing actions on behalf of the user, or redirecting to malicious sites. This is a reflected XSS, meaning the payload is part of the URL and not stored on the server, requiring user interaction to trigger. The vulnerability does not require authentication, increasing its risk profile. The CVSS 3.1 score of 6.1 reflects the attack vector as network-based with low attack complexity, no privileges required, but requiring user interaction. The impact affects confidentiality and integrity but not availability. No patches or known exploits are currently reported, but the vulnerability is publicly disclosed and could be weaponized. Given the critical nature of PACS systems in healthcare workflows, exploitation could lead to unauthorized data exposure or manipulation of user sessions. The CWE-79 classification confirms this is an input validation flaw leading to XSS. Organizations using this version of MedDream PACS should prioritize remediation and user awareness to prevent exploitation.

Potential Impact

For European organizations, particularly healthcare providers using MedDream PACS Premium 7.3.6.870, this vulnerability poses a risk of client-side attacks that can compromise patient data confidentiality and user session integrity. Exploitation could enable attackers to hijack user sessions, steal sensitive medical information, or perform unauthorized actions within the PACS web interface. Although the vulnerability does not directly impact system availability, the resulting data breaches or unauthorized access could lead to regulatory penalties under GDPR, reputational damage, and disruption of clinical workflows. The requirement for user interaction means phishing or social engineering campaigns could be used to exploit this vulnerability. Given the critical role of PACS in diagnostic imaging and patient care, even medium-severity vulnerabilities warrant prompt attention to avoid cascading impacts on healthcare delivery and patient safety.

Mitigation Recommendations

1. Monitor MedDream vendor communications for official patches addressing CVE-2025-57787 and apply them immediately upon release.
2. Implement web application firewall (WAF) rules to detect and block malicious payloads targeting the modifyRoute parameter.
3. Conduct input validation and output encoding on all user-supplied data in the web application to neutralize potentially malicious scripts.
4. Educate healthcare staff about phishing risks and the dangers of clicking on unsolicited or suspicious URLs, especially those related to PACS systems.
5. Employ browser security features such as Content Security Policy (CSP) to restrict execution of unauthorized scripts.
6. Regularly audit and monitor web server logs for unusual URL patterns indicative of attempted exploitation.
7. Consider network segmentation to limit access to PACS web interfaces only to trusted internal users and devices.
8. Use multi-factor authentication (MFA) where possible to reduce risk from session hijacking.
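The following added example (not MedDream code; the page does not disclose the real modifyRoute handler or its parameter names, so "routeName" and the log lines are constructed assumptions) illustrates recommendations 3 and 6: a reflected-parameter page in its CWE-79 form beside its output-encoded form, and a detector that flags requests to the modifyRoute path whose decoded query values carry HTML or script markers.

```python
import html
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Hypothetical stand-in for a page that reflects a request parameter into
# generated HTML. "routeName" is an assumed parameter name, not MedDream's.
def render_vulnerable(route_name: str) -> str:
    # CWE-79 pattern: untrusted input concatenated straight into markup.
    return f"<h1>Editing route: {route_name}</h1>"

def render_hardened(route_name: str) -> str:
    # Output encoding: HTML metacharacters become entities, so the browser
    # treats the value as text, never as markup or script.
    return f"<h1>Editing route: {html.escape(route_name, quote=True)}</h1>"

# Constructed access-log lines (Common Log Format) for the detector below.
SAMPLE_LOG = """\
10.0.0.5 - - [20/Jan/2026:14:50:01 +0000] "GET /modifyRoute?routeName=CT_ARCHIVE HTTP/1.1" 200 512
10.0.0.9 - - [20/Jan/2026:14:51:13 +0000] "GET /modifyRoute?routeName=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 530
10.0.0.9 - - [20/Jan/2026:14:52:40 +0000] "GET /modifyRoute?routeName=x%22%20onerror%3Dalert(1)%20 HTTP/1.1" 200 520
10.0.0.7 - - [20/Jan/2026:14:53:02 +0000] "GET /viewer?study=123 HTTP/1.1" 200 9000
"""

REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Markup/script indicators checked after URL-decoding; tune for false positives.
SUSPICIOUS_RE = re.compile(
    r"<\s*/?\s*script|<\s*\w+[^>]*\bon\w+\s*=|javascript:|[\"']\s*on\w+\s*=", re.I
)

def find_suspicious_requests(log_text: str, path: str = "/modifyRoute") -> list[tuple[str, str]]:
    """Return (client_ip, decoded_value) for requests to `path` whose query
    values contain HTML/script markers. Decoding twice catches double-encoded
    payloads that a single-pass filter would miss."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        ip, url = m.groups()
        parts = urlsplit(url)
        if parts.path != path:
            continue
        for values in parse_qs(parts.query, keep_blank_values=True).values():
            for v in values:
                decoded = unquote(unquote(v))
                if SUSPICIOUS_RE.search(decoded):
                    hits.append((ip, decoded))
    return hits
```

Run against the constructed log, the detector reports only the two requests from 10.0.0.9, which is the kind of signal recommendation 6 asks operators to look for in the real server logs.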


Technical Details

Data Version: 5.2
Assigner Short Name: talos
Date Reserved: 2025-08-22T16:16:44.793Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 696f99d74623b1157c3aa4a1

Added to database: 1/20/2026, 3:05:59 PM

Last enriched: 1/27/2026, 8:11:12 PM

Last updated: 2/8/2026, 4:40:00 AM

