CVE-2024-25640 | dfir-iris iris-web up to 2.3.x cross site scripting (GHSA-2xq6-qc74-w5vp)

Inserito da Angelo Barbosa | Feb 20, 2024 | CVE

A vulnerability was found in dfir-iris iris-web up to 2.3.x. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to improper neutralization of alternate xss syntax.

The identification of this vulnerability is CVE-2024-25640. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-25640 | dfir-iris iris-web up to 2.3.x cross site scripting (GHSA-2xq6-qc74-w5vp)

Post correlati

CVE-2024-2453 | Advantech WebAccess/SCADA 9.1.5U sql injection (icsa-24-081-01)

CVE-2024-36263 | Apache Submarine Server Core sql injection

CVE-2024-45293 | PHPOffice PhpSpreadsheet up to 1.29.0/2.1.0 Excel Parser XmlScanner.php toUtf8 xml external entity reference (GHSA-6hwr-6v2f-3m88)

CVE-2024-35300 | JetBrains TeamCity prior 2024.03.1 Update Page cross site scripting