Vulnerabilities in dfir-iris
13 resultsCVE-2024-34060HIGHArbitrary File Write in IRIS EVTX PipelineEPSS 1.0%CVE-2024-25624MEDIUMiris-web vulnerable to Server Side Template Injection in reportsEPSS 0.9%CVE-2023-30615MEDIUMImproper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in iris-webEPSS 0.4%CVE-2024-25640MEDIUMImproper Neutralization of Alternate XSS Syntax in iris-webEPSS 0.3%CVE-2023-50712MEDIUMImproper Neutralization of Alternate XSS Syntax in iris-web EPSS 0.3%CVE-2026-22783CRITICALIris Allows Arbitrary File Deletion via Mass Assignment in Datastore File ManagementEPSS 0.3%CVE-2026-41522HIGHIris has an Improper Authorization issueEPSS 0.2%CVE-2026-42539MEDIUMIRIS has an Excessive Data Exposure issueEPSS 0.2%CVE-2026-42540MEDIUMIRIS has a Mass Assignment issueEPSS 0.2%CVE-2026-42538MEDIUMIRIS has an Insecure File UploadEPSS 0.2%CVE-2026-42543MEDIUMIRIS has a Cross-Site Request Forgery (CSRF) issueEPSS 0.2%CVE-2026-42547MEDIUMIRIS Alerts Can be Falsely Attributed to CustomersEPSS 0.2%CVE-2026-42329MEDIUMIris has an Open Redirect issueEPSS 0.2%