CVE-2026-10173 – Orthanc Explorer 2 URL StudyList.vue cross site scripting

CVE ID :CVE-2026-10173

Published : May 31, 2026, 8:16 a.m. | 16 minutes ago

Description :A weakness has been identified in Orthanc Explorer 2 up to 1.12.0. The impacted element is an unknown function of the file WebApplication/src/components/StudyList.vue of the component URL Handler. This manipulation of the argument remote-source causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. Patch name: 21f78ce5da668bf5233efcd1896ec7c6e3b22eae. Applying a patch is the recommended action to fix this issue.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-10172 – Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted upload

CVE-2026-10171 – code-projects Online Music Site AdminUpdateAlbum.php sql injection

CVE-2026-10170 – code-projects Visitor Management System phone_0.php sql injection

CVE-2026-10169 – OUSL-GROUP-BrinaryBrains School Student Management System Forgot Password Endpoint Login.php ajax_forgot_password password recovery