CVE-2023-50712
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Summary
CVE-2023-50712 is a stored Cross-Site Scripting (XSS) vulnerability affecting the Iris web collaborative platform, versions prior to v2.3.7. This issue allows authenticated attackers to inject malicious scripts into the application, which could be executed when users visit affected locations. Consequences include unauthorized access, data theft, and other malicious activities. The vulnerability has been fixed in version v2.3.7, and no known workarounds are available. Iris, used by incident responders for sharing technical details during investigations, is at risk of XSS attacks, potentially leading to serious security breaches.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.