Vulnerabilities > Irislink
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-06 | CVE-2021-27930 | Cross-site Scripting vulnerability in Irislink Irisnext 9.5.16 Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allows an authenticated (or compromised) user to inject malicious JavaScript in folder/file name within the application in order to grab other users’ sessions or execute malicious code in their browsers (1-click RCE). | 5.4 |