Medium severity5.4NVD Advisory· Published Jul 6, 2021· Updated Jun 17, 2026
CVE-2021-27930
CVE-2021-27930
Description
Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allows an authenticated (or compromised) user to inject malicious JavaScript in folder/file name within the application in order to grab other users’ sessions or execute malicious code in their browsers (1-click RCE).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- IrisNext/IrisNext Editiondescription
Patches
Vulnerability mechanics
References
2- github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2021-27930.pdfnvdExploitThird Party Advisory
- varsnext.iriscorporate.com/history.htmlnvdProduct
News mentions
0No linked articles in our index yet.