CVE-2026-41522

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to version 2.4.28, DFIR-IRIS exposes an optional GraphQL endpoint at /graphql that does not enforce the same authorization checks as the REST API. Any authenticated user can...

EUVD-2026-34320

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to version 2.4.28, DFIR-IRIS exposes an optional GraphQL endpoint at /graphql that does not enforce the same authorization checks as the REST API. Any authenticated user can...

CVE-2026-41522

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to version 2.4.28, DFIR-IRIS exposes an optional GraphQL endpoint at /graphql that does not enforce the same authorization checks as the REST API. Any authenticated user can...

CVE-2026-41522

Affected software: Iris DFIR-IRIS web collaboration platform. Vulnerable version: earlier than 2.4.28. Issue: optional GraphQL endpoint at /graphql did not enforce the same authorization as the REST API, enabling three unauthorized actions by any authenticated user: (1) IOC read across cases (IDO...

CVE-2026-41522 Iris has an Improper Authorization issue

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to version 2.4.28, DFIR-IRIS exposes an optional GraphQL endpoint at /graphql that does not enforce the same authorization checks as the REST API. Any authenticated user can...

EUVD-2023-36356

Malicious code in bioql PyPI...

CVE-2023-32088

Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with ad-hoc case creation...

New Support Website - July 15th 2024

New Support Website - July 15th 2024 Support.Citrix.com is migrating to a new platform. This is the main website for hosting public CTX knowledge articles and for customers to create and view their support cases. This new platform will launch on July 15th 2024 Callback and LiveChat are dependent ...

CVE-2023-32088

Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with ad-hoc case creation...

CVE-2023-32088

Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with ad-hoc case creation...

Cross site scripting

Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with ad-hoc case creation...

CVE-2023-32088

CVE-2023-32088 affects Pegasystems Pega Platform versions 8.1 to Infinity 23.1.0 and is an XSS issue triggered during ad-hoc case creation. The entry documents the affected component (Pega Platform) and the vulnerability class (XSS) but does not disclose a concrete root cause, exploit details, or...

PT-2023-23597 · Pegasystems · Pega Platform

Name of the Vulnerable Software and Affected Versions: Pega Platform versions 8.1 to Infinity 23.1.0 Description: The issue is related to an XSS problem with ad-hoc case creation. Recommendations: For Pega Platform versions 8.1 to Infinity 23.1.0, at the moment, there is no information about a...

Veeam Intelligent Diagnostics signature UID field

If you are not using Veeam ONE or your Veeam ONE server is not connected and monitoring Veeam Backup & Replication, you will not have a VID to enter during case creation. Simply leave the field blank. Purpose This article provides answers to frequently asked questions about the "Veeam Intelligent...

How to Create a Veeam Support Case

Phone Support To improve case handling, you must Open a Case via the portal before calling in. The phone system will ask for your case number and use advanced routing to connect you with the engineer handling your case or an appropriate product/feature specialized support engineer. Purpose This...