Reflected XSS bugs in Canon Medical ’s Vitrea View could expose patient info | allinfosecnews.com

Oct. 3, 2022, 6:40 a.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Trustwave researchers discovered two XSS flaws in Canon Medical ’s Vitrea View tool that could expose patient information. During a penetration test, Trustwave Spiderlabs’ researchers discovered two reflected cross-site scripting (XSS) vulnerabilities, collectively as CVE-2022-37461, in third-party software for Canon Medical’s Vitrea View. The Vitrea View tool allows viewing and securely share medical images through […]

The post Reflected XSS bugs in Canon Medical ’s Vitrea View could expose patient info appeared first on Security Affairs.

breaking news bugs canon canon medical hacking hacking news information security news it information security medical pierluigi paganini reflected xss security vitrea view xss

More from securityaffairs.co / Security Affairs

FIN7 targeted a large U.S. carmaker phishing attacks 5 hours ago | securityaffairs.co

actor anunak apt attacks +24

Law enforcement operation dismantled phishing-as-a-service platform LabHost 10 hours ago | securityaffairs.co

as-a-service breaking news coordinated countries +22

Previously unknown Kapeka backdoor linked to Russian Sandworm APT 15 hours ago | securityaffairs.co

apt attacks backdoor called +18

Cisco warns of a command injection escalation flaw in its IMC. PoC publicly available 17 hours ago | securityaffairs.co

aware breaking news cisco code +22

Linux variant of Cerber ransomware targets Atlassian servers 1 day, 6 hours ago | securityaffairs.co

atlassian breaking news center cerber +31

Ivanti fixed two critical flaws in its Avalanche MDM 1 day, 14 hours ago | securityaffairs.co

avalanche avalanche mdm breaking news can +23

Researchers released exploit code for actively exploited Palo Alto PAN-OS bug 1 day, 19 hours ago | securityaffairs.co

actively exploited alto analysis breaking news +32

Cisco warns of large-scale brute-force attacks against VPN and SSH services 1 day, 19 hours ago | securityaffairs.co

application attacks authentication breaking news +27

PuTTY SSH Client flaw allows of private keys recovery 2 days, 6 hours ago | securityaffairs.co

breaking news client code critical +25

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Deputy Chief Information Security Officer

@ City of Philadelphia | Philadelphia, PA, United States

View on infosec-jobs.com

Global Cybersecurity Expert

@ CMA CGM | Mumbai, IN

View on infosec-jobs.com

Senior Security Operations Engineer

@ EarnIn | Mexico

View on infosec-jobs.com

Cyber Technologist (Sales Engineer)

@ Darktrace | London

View on infosec-jobs.com