All 5 CVE vulnerabilities found in iris-web, with AI-generated Chinese analysis, references, and POCs.
Vendor: dfir-iris
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-22783 | Iris Allows Arbitrary File Deletion via Mass Assignment in Datastore File Management CWE-434 | 9.6 | Critical | 2026-01-12 |
| CVE-2024-25624 | iris-web vulnerable to Server Side Template Injection in reports CWE-1336 | 6.8 | Medium | 2024-04-25 |
| CVE-2024-25640 | Improper Neutralization of Alternate XSS Syntax in iris-web CWE-87 | 4.6 | Medium | 2024-02-19 |
| CVE-2023-50712 | Improper Neutralization of Alternate XSS Syntax in iris-web CWE-87 | 4.6 | Medium | 2023-12-22 |
| CVE-2023-30615 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in iris-web CWE-80 | 6.3 | Medium | 2023-05-25 |
All 5 known CVE vulnerabilities affecting iris-web with full Chinese analysis, references, and POCs where available.