CVE-2025-58080 is a reflected cross-site scripting (XSS) vulnerability identified in the modifyHL7App functionality of MedDream PACS Premium version 7.3.6.870. This vulnerability arises due to improper neutralization of user-supplied input during web page generation, classified under CWE-79. An attacker can craft a malicious URL containing JavaScript code that, when accessed by a user, executes within the context of the victim's browser session. This can lead to unauthorized actions such as session hijacking, theft of sensitive information, or manipulation of displayed data. The vulnerability does not require any prior authentication, increasing its risk, but does require user interaction to trigger the malicious payload. The CVSS 3.1 base score of 6.1 reflects a medium severity, with attack vector being network-based, low attack complexity, no privileges required, and user interaction needed. The scope is changed (S:C), indicating that exploitation can affect resources beyond the vulnerable component, impacting confidentiality and integrity but not availability. No public exploits are known at this time, and no patches have been linked yet. Given that MedDream PACS is a medical imaging and archiving system widely used in healthcare environments, exploitation could compromise patient data confidentiality and integrity, potentially affecting clinical decisions and patient safety.

For European organizations, particularly healthcare providers using MedDream PACS Premium, this vulnerability poses a significant risk to patient data confidentiality and integrity. Successful exploitation could allow attackers to execute arbitrary scripts in the context of authenticated users, potentially leading to session hijacking, unauthorized access to patient records, or manipulation of displayed medical images and data. This could undermine trust in healthcare IT systems, violate GDPR data protection requirements, and lead to regulatory penalties. Although the vulnerability does not directly affect system availability, the indirect impact on healthcare operations and patient safety could be substantial. The requirement for user interaction limits mass exploitation but targeted phishing or social engineering campaigns could be effective. The lack of known exploits currently reduces immediate risk but also means organizations must proactively address the vulnerability before attackers develop weaponized exploits.

1. Monitor MedDream vendor communications closely for official patches or updates addressing CVE-2025-58080 and apply them promptly once available. 2. Implement strict input validation and output encoding on all user-supplied data within the modifyHL7App functionality to neutralize malicious scripts. 3. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in the PACS web interface. 4. Conduct user awareness training focused on recognizing and avoiding phishing attempts or suspicious URLs, especially for healthcare staff accessing PACS systems. 5. Utilize web application firewalls (WAFs) with rules designed to detect and block reflected XSS attack patterns targeting the PACS application. 6. Regularly audit and monitor web server logs for unusual URL requests that may indicate attempted exploitation. 7. Segment PACS systems within the network to limit exposure and potential lateral movement if an attack occurs. 8. Consider multi-factor authentication for PACS access to reduce risk from session hijacking.