Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-119431. PoCs published by LiquidWorm.
AI-analyzed exploit summary The exploit demonstrates multiple stored XSS vulnerabilities in SonicDICOM PACS 2.3.2 via unsanitized POST parameters in the settings, sendsettings, and providers APIs. The PoC includes HTML forms that submit malicious scripts, which are stored and executed in the context of the affected site.
Description
SonicDICOM PACS 2.3.2 - Cross-Site Scripting
Exploits (1)
The exploit demonstrates multiple stored XSS vulnerabilities in SonicDICOM PACS 2.3.2 via unsanitized POST parameters in the settings, sendsettings, and providers APIs. The PoC includes HTML forms that submit malicious scripts, which are stored and executed in the context of the affected site.