Back to search
CVE-2022-26111
Published: Apr 25, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in the context of the IRISNext application user, running on the web server.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://varsnext.iriscorporate.com/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now