CVE-2026-10173 | Orthanc Explorer 2 up to 1.12.0 URL StudyList.vue remote-source cross site scripting (Issue 108)

A vulnerability classified as problematic has been found in Orthanc Explorer 2 up to 1.12.0. The impacted element is an unknown function of the file WebApplication/src/components/StudyList.vue of the component URL Handler. This manipulation of the argument remote-source causes cross site scripting.

The identification of this vulnerability is CVE-2026-10173. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Applying a patch is the recommended action to fix this issue.

CVE-2026-10173 | Orthanc Explorer 2 up to 1.12.0 URL StudyList.vue remote-source cross site scripting (Issue 108)

Post correlati

CVE-2020-12612 | BeyondTrust Privilege Management up to 5.6 on Windows Environment Variable Local Privilege Escalation

CVE-2024-44565 | Tenda AX1806 1.0.0.1 form_fast_setting_internet_set serverName stack-based overflow

CVE-2018-25103 | lighttpd up to 1.4.50 use after free

CVE-2024-10106 | Silabs Ember ZNet SDK 7.4.0/7.4.0.0/8.0.0 Packet Handoff Plugin buffer overflow