LORIS SQL Injection Vulnerability in MRI Feedback Popup

Vulnerability

A SQL injection vulnerability has been identified in the LORIS web application, specifically in the MRI feedback popup window of the imaging browser. This issue affects versions prior to 27.0.3 and 28.0.1. The vulnerability allows attackers to access and modify data on the server via SQL injection.

Impact

Exploitation of this vulnerability allows for SQL injection, enabling attackers to access and alter server data.

Remediation

Users can upgrade to LORIS versions 27.0.3 or 28.0.1 to address this vulnerability.

Added: Apr 8, 2026, 8:23 PM
Updated: Apr 8, 2026, 8:23 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 7.4
remediation: 0.0
relevance: 5.5
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.