4 matches found
CVE-2023-50712
Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.3.7. The vulnerability may allow an attack...
CVE-2023-50712
Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.3.7. The vulnerability may allow an attack...
CVE-2023-50712 Improper Neutralization of Alternate XSS Syntax in iris-web
Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.3.7. The vulnerability may allow an attack...
CVE-2023-50712
Summary (CVE-2023-50712): Iris-web prior to v2.3.7 contains a stored XSS vulnerability across multiple locations. An attacker must be authenticated to exploit, and injected scripts could execute when a user visits affected areas, potentially enabling unauthorized access or data theft. The issue i...