Security Advisory

CVE-2021-27930

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-06 11:43:17

Last updated 2024-08-03 21:33:16

Assigner mitre

State PUBLISHED

Description

Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allows an authenticated (or compromised) user to inject malicious JavaScript in folder/file name within the application in order to grab other users’ sessions or execute malicious code in their browsers (1-click RCE).

← Browse all CVEs View on cve.org ↗