Whikernel

**Name of the Vulnerable Software and Affected Versions** iris-web versions prior to 2.2.1 **Description** A stored Cross-Site Scripting (XSS) issue has been identified, allowing an attacker to inject malicious scripts into the application. These scripts are executed when a user visits the affected locations, potentially leading to unauthorized access, data theft, or other malicious activities. To exploit this issue, an attacker must be authenticated on the application. **Recommendations** For versions prior to 2.2.1, update to version 2.2.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of exploitation.