What is CVE-2025-1085?

A medium-severity cross-site scripting vulnerability has been identified in Animati PACS versions up to 1.24.12.09.03. Remote exploitation is possible, and organizations should prioritize remediation efforts.

What is the severity of CVE-2025-1085?

CVE-2025-1085 has a severity rating of MEDIUM with a CVSS base score of 5.3.

CVE-2025-1085 | Medium Vulnerability in Animati PACS

A vulnerability, which was classified as problematic, was found in Animati PACS up to 1.24.12.09.03. This affects an unknown part of the file /login. The manipulation of the argument p leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

The CVSS score for this vulnerability is 5.3, indicating a medium severity level. This score reflects the potential impact on confidentiality, integrity, and availability. Given that the vulnerability allows for cross-site scripting attacks, it poses a risk to organizations that utilize Animati PACS.

Risk to organizations includes potential unauthorized data access and manipulation, which can lead to further exploitation if left unaddressed. Attackers may leverage this vulnerability to execute malicious scripts in the context of the victim's browser.

Organizations should prioritize patching immediately. It is essential to mitigate this risk by updating to the latest version of Animati PACS once an appropriate patch is made available.

Vulnerability Details

The CVSS score is 5.3, categorized as medium severity, indicating that this vulnerability possesses a moderate risk to confidentiality and integrity.

The vulnerabilities are associated with CWE-79 (Improper Neutralization of Input During Web Page Generation) and CWE-94 (Improper Control of Generation of Code ('Code Injection')).

Technical Analysis

The root cause of this vulnerability lies in the insufficient input validation of the argument p within the /login file. This oversight allows attackers to inject arbitrary scripts into web pages, leading to cross-site scripting.

The attack vector is network-based, requiring only passive user interaction. Attackers do not need to authenticate, but user interaction is necessary for the execution of the injected script.

The attack complexity is low, making it easier for attackers to exploit this vulnerability. There are no privileges required for exploitation, and the impacts on confidentiality and availability are negligible.

Risk & Impact Analysis

Organizations using Animati PACS must recognize the real-world risk posed by this vulnerability. Given the low attack complexity and lack of required privileges, the potential for exploitation is high.

The potential blast radius could encompass sensitive user data, leading to unauthorized access and manipulation. This is particularly concerning in environments where sensitive data is processed or stored.

Urgency assessment indicates that organizations should address this vulnerability in their priority patch cycle, particularly as it has been disclosed publicly. The potential for exploitation remains a significant concern.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions prior to vendor patch.

Mitigation & Remediation

Organizations should implement the following remediation strategies to mitigate this vulnerability: applying the latest patches as soon as they are available and ensuring proper input validation.

In addition, organizations can benefit from conducting regular penetration testing to identify similar weaknesses.

Detection Guidance

Organizations should monitor logs for unusual entries that may indicate attempts to exploit this vulnerability. Additionally, behavioral anomalies in user interactions with the application should be assessed.

It is crucial to implement network controls that can detect and alert on potential cross-site scripting attempts.

AppSecure Threat Intelligence Insight

This vulnerability represents a growing trend in web application weaknesses, particularly in systems that lack rigorous input validation. Security teams are encouraged to adopt comprehensive testing methodologies.

For further insights into vulnerability management, the vulnerability management program can serve as a crucial framework.

Organizations should also remain vigilant about emerging threats and integrate lessons learned from past incidents into their security strategies. Regular updates and training can bolster defenses against similar vulnerabilities.

Engaging in penetration testing methodology is also recommended to identify and remediate vulnerabilities proactively.

Lastly, organizations should consider adopting security frameworks that emphasize continuous improvement and resilience against evolving threats.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-1085: Medium Vulnerability in Animati PACS