CVE-2022-26111

The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search or editing an existing/predefined search of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in t...

IRIS IrisNext 命令注入漏洞

IRIS IrisNext is a document management solution from IRIS Luxembourg designed to manage, protect and use your company's information. A security vulnerability exists in IRISNext version 9.8.28 and prior versions of the BeanShell component, which originates from a BeanShell component that allows...