Canon Medical Product Vulnerabilities Expose Patient Information
Trustwave is warning healthcare organizations of two cross-site scripting (XSS) vulnerabilities in Canon Medical’s popular medical imaging sharing tool Vitrea View. ... Exploitable without authentication, the first of the vulnerabilities exists in an error page located at /vitrea-view/error/, where all input after the /error/ subdirectory is reflected back to the user. CVEs: CVE-2022-37461 Tags: CyberSecurity, ProofOfExploit, CVE-2022-37461 [View Article](https://www.securityweek.com/canon-medical-product-vulnerabilities-expose-patient-information)