The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in.....
8.8CVSS
9AI Score
0.004EPSS
Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allows an authenticated (or compromised) user to inject malicious JavaScript in folder/file name within the application in order to grab other usersβ sessions or execute malicious code in their browsers (1-click...
5.4CVSS
5.4AI Score
0.001EPSS