RSS   Vulnerabilities for 'Irisnext'   RSS

2021-07-06
 
CVE-2021-27930

CWE-79
 
 
Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allows an authenticated (or compromised) user to inject malicious JavaScript in folder/file name within the application in order to grab other users�?? sessions or execute malicious code in their browsers (1-click RCE).

 

Copyright 2024, cxsecurity.com

 

Back to Top