CVE-2025-62586

OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password. Fixed in FOIAXpress version 11.13.2.0...

EUVD-2025-34792

OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password. Fixed in FOIAXpress version 11.13.2.0...

CVE-2025-62586

OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password. Fixed in FOIAXpress version 11.13.2.0...

CVE-2025-62586

OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password. Fixed in FOIAXpress version 11.13.2.0...

CVE-2025-62586 OPEXUS FOIAXpress unauthenticated administrator password reset

OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password. Fixed in FOIAXpress version 11.13.2.0...

CVE-2025-62586 OPEXUS FOIAXpress unauthenticated administrator password reset

OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password. Fixed in FOIAXpress version 11.13.2.0...

CVE-2025-62586

OPEXUS FOIAXpress contains a vulnerability that allows a remote, unauthenticated attacker to reset the administrator password. The issue affects FOIAXpress prior to version 11.13.2.0 and can lead to full administrative access on the affected system. The vulnerability has been fixed in FOIAXpress ...

OPEXUS FOIAXpress unauthenticated administrator password reset

RISK EVALUATION OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password and gain full administrative access to a vulnerable system. 2. RECOMMENDED PRACTICES Update to FOIAXpress version 11.13.2.0 or later. 3. DESCRIPTION OPEXUS FOIAXpress allows a remote,...

OPEXUS FOIAXpress 安全漏洞

OPEXUS FOIAXpress is an information disclosure management software from OPEXUS Corporation. A security vulnerability exists in OPEXUS FOIAXpress versions prior to 11.13.2.0 that originates from a remote unauthenticated attacker who can reset the administrator password...

CVE-2025-61999

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to upload JavaScript or other content embedded in an SVG image used as a logo. Injected content is executed in the context of other users when they view affected pages. Successful exploitation allows the administrative user to perfo...

CVE-2025-61997

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Enterprise Banner image upload field. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the...

CVE-2025-61999

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to upload JavaScript or other content embedded in an SVG image used as a logo. Injected content is executed in the context of other users when they view affected pages. Successful exploitation allows the administrative user to perfo...

CVE-2025-61998

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content as a URL within the Technical Support Hyperlink Manager. Injected content is executed in the context of other users when they click the malicious link. Successful exploitation allows the...

CVE-2025-61996

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perfo...

OPEXUS FOIAXpress 安全漏洞

OPEXUS FOIAXpress is an information disclosure management software from OPEXUS Corporation. A security vulnerability exists in OPEXUS FOIAXpress prior to version 11.13.3.0 that originates from an administrator user being able to inject JavaScript or other content into the Annual Report Corporate...

OPEXUS FOIAXpress 安全漏洞

OPEXUS FOIAXpress is an information disclosure management software from OPEXUS USA. A security vulnerability exists in OPEXUS FOIAXpress versions prior to 11.13.3.0, which stems from allowing administrative users to upload SVG images embedded with JavaScript or other content, which could lead to...

OPEXUS FOIAXpress 安全漏洞

OPEXUS FOIAXpress is an information disclosure management software from OPEXUS Corporation. A security vulnerability exists in OPEXUS FOIAXpress versions prior to 11.13.3.0 that originates from an administrative user being able to inject JavaScript or other content into the Technical Support...

OPEXUS FOIAXpress 安全漏洞

OPEXUS FOIAXpress is an information disclosure management software from OPEXUS Corporation. A security vulnerability exists in OPEXUS FOIAXpress versions prior to 11.13.3.0 that originates from an administrative user being able to inject JavaScript or other content into the annual report template...

CVE-2025-61999 OPEXUS FOIAXpress stored XSS via logo image

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to upload JavaScript or other content embedded in an SVG image used as a logo. Injected content is executed in the context of other users when they view affected pages. Successful exploitation allows the administrative user to perfo...

CVE-2025-61999 OPEXUS FOIAXpress stored XSS via logo image

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to upload JavaScript or other content embedded in an SVG image used as a logo. Injected content is executed in the context of other users when they view affected pages. Successful exploitation allows the administrative user to perfo...