17 matches found
CVE-2022-26111
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search or editing an existing/predefined search of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in t...
CVE-2021-27930
Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allows an authenticated or compromised user to inject malicious JavaScript in folder/file name within the application in order to grab other users’ sessions or execute malicious code in their browsers 1-click RCE...
EUVD-2021-14650
Malware in sbrugna...
EUVD-2022-30679
Malicious code in bioql PyPI...
CVE-2022-26111
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search or editing an existing/predefined search of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in t...
CVE-2022-26111
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search or editing an existing/predefined search of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in t...
CVE-2022-26111
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search or editing an existing/predefined search of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in t...
Remote code execution
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search or editing an existing/predefined search of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in t...
CVE-2022-26111
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search or editing an existing/predefined search of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in t...
CVE-2022-26111
The CVE-2022-26111 entry concerns IRISNext (BeanShell components) up to version 9.8.28. The vulnerability arises when BeanShell expressions are added via the search functionality, allowing arbitrary commands to be executed on the target server within the IRISNext application user context (Remote ...
IRIS IrisNext 命令注入漏洞
IRIS IrisNext is a document management solution from IRIS Luxembourg designed to manage, protect and use your company's information. A security vulnerability exists in IRISNext version 9.8.28 and prior versions of the BeanShell component, which originates from a BeanShell component that allows...
CVE-2021-27930
Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allows an authenticated or compromised user to inject malicious JavaScript in folder/file name within the application in order to grab other users’ sessions or execute malicious code in their browsers 1-click RCE...
CVE-2021-27930
Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allows an authenticated or compromised user to inject malicious JavaScript in folder/file name within the application in order to grab other users’ sessions or execute malicious code in their browsers 1-click RCE...
Cross site scripting
Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allows an authenticated or compromised user to inject malicious JavaScript in folder/file name within the application in order to grab other users’ sessions or execute malicious code in their browsers 1-click RCE...
CVE-2021-27930
Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allows an authenticated or compromised user to inject malicious JavaScript in folder/file name within the application in order to grab other users’ sessions or execute malicious code in their browsers 1-click RCE...
CVE-2021-27930
CVE-2021-27930 affects IrisNext Edition 9.5.16. The issue consists of multiple stored XSS vulnerabilities that allow an authenticated (or compromised) user to inject malicious JavaScript into folder/file names, enabling theft of other users’ sessions or execution of code in their browsers. The vu...
IrisNext 跨站脚本漏洞
IRIS IrisNext is a document management solution from IRIS Luxembourg designed to manage, protect and use your company's information. A security vulnerability exists in IrisNext that allows an authenticated or threatened user to inject malicious JavaScript into the application's folder filenames t...