High severity8.8NVD Advisory· Published Apr 25, 2022· Updated Jun 17, 2026
CVE-2022-26111
CVE-2022-26111
Description
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in the context of the IRISNext application user, running on the web server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- IRISNext/IRISNextdescription
Patches
Vulnerability mechanics
References
2- github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2022-26111.pdfnvdExploitThird Party Advisory
- varsnext.iriscorporate.comnvdProductVendor Advisory
News mentions
0No linked articles in our index yet.