Reflected XSS bugs in Canon Medical ’s Vitrea View could expose patient info

Posted on 3 October 2022

From securityaffairs.co

During a penetration test, Trustwave Spiderlabs’ researchers discovered two reflected cross-site scripting (XSS) vulnerabilities, collectively as CVE-2022-37461, in third-party software for Canon Medical’s Vitrea View. The Vitrea View tool allows viewing and securely share medical images through the DICOM standard.