5 matches found
CVE-2026-22231
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0...
CVE-2026-22231
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0...
CVE-2026-22231
OPEXUS eCASE Audit is affected by a stored XSS in the Document Check Out comments. An authenticated attacker can save JavaScript as a comment, which is executed when another user views the Action History Log. Affected product: OPEXUS eCASE Audit (server-side application). Root cause: stored JavaS...
CVE-2026-22231 OPEXUS eCASE Audit Document Check Out stored XSS
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0...
PT-2026-2172
Name of the Vulnerable Software and Affected Versions OPEXUS eCASE Audit versions prior to 11.14.1.0 Description An authenticated attacker can modify client-side JavaScript or craft HTTP requests to access functions or buttons that have been disabled or blocked by an administrator. The issue...