XSS in Dataprom Informatics’ PACS-ACSS

July 23, 2025 invoker category_cve

CVE Details

Basic Information

Title XSS in Dataprom Informatics’ PACS-ACSS
Type cve
Published 2025-07-23T12:19:46.253Z
Modified 2025-07-23T12:56:07.954Z

Product Information

Vendor Dataprom Informatics
Product PACS-ACSS
Version 0

CVSS Information

Base Score 6.5 (MEDIUM)
Attack Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

AI Analysis

AI Description A cross-site scripting (XSS) vulnerability in Dataprom Informatics’ PACS-ACSS allows attackers to inject malicious scripts into web pages. This could lead to session hijacking or unauthorized actions.
AI Severity Medium
AI Vendor Dataprom Informatics
AI Product PACS-ACSS
AI Version Versions prior to 16.05.2025
AI Score 6.5

Affected Products

  • Dataprom Informatics PACS-ACSS 0

Additional Information

CWE List CWE-79
Source TR-CERT

Description

Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Dataprom Informatics PACS-ACSS allows Cross-Site Scripting (XSS). This issue affects PACS-ACSS: before 16.05.2025.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.