CVE 2026 25860

CVEs (1)

• CVE-2026-25860MedJun 9, 2026
  Openclinica

  Openclinica
  risk 0.40cvss 6.1epss 0.00

  OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embedding malicious payloads in DICOM file metadata fields. Attackers can craft a DICOM…