4 matches found
EUVD-2024-22945
Malicious code in bioql PyPI...
CVE-2023-50712
Summary (CVE-2023-50712): Iris-web prior to v2.3.7 contains a stored XSS vulnerability across multiple locations. An attacker must be authenticated to exploit, and injected scripts could execute when a user visits affected areas, potentially enabling unauthorized access or data theft. The issue i...
Cross site scripting
Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations . The vulnerability in allows an attacker to inject malicious...
CVE-2023-30615
CVE-2023-30615 (iris-web) is a stored XSS vulnerability affecting iris-web before version 2.2.1. The issue allows an authenticated attacker to inject malicious scripts that run when users visit affected locations, with potential for unauthorized access and data theft. The patch is available in ir...