Lucene search
K

27 matches found

OSV
OSV
added 2025/10/08 12:15 a.m.4 views

CVE-2025-61997

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Enterprise Banner image upload field. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the...

4.8CVSS5.8AI score0.00225EPSS
Exploits0References3
NVD
NVD
added 2025/10/08 12:15 a.m.6 views

CVE-2025-61997

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Enterprise Banner image upload field. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the...

4.8CVSS0.00225EPSS
Exploits0References3
OSV
OSV
added 2025/10/08 12:15 a.m.5 views

CVE-2025-61996

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perfo...

4.8CVSS5.8AI score0.00225EPSS
Exploits0References3
NVD
NVD
added 2025/10/08 12:15 a.m.19 views

CVE-2025-61996

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perfo...

4.8CVSS0.00225EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/08 12:0 a.m.17 views

OPEXUS FOIAXpress 安全漏洞

OPEXUS FOIAXpress is an information disclosure management software from OPEXUS Corporation. A security vulnerability exists in OPEXUS FOIAXpress versions prior to 11.13.3.0 that originates from an administrative user being able to inject JavaScript or other content into the annual report template...

4.8CVSS5.6AI score0.00225EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/07 11:13 p.m.15 views

CVE-2025-61996 OPEXUS FOIAXpress stored XSS via annual report template

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perfo...

4.8CVSS0.00225EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/07 11:13 p.m.4 views

CVE-2025-61996 OPEXUS FOIAXpress stored XSS via annual report template

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perfo...

4.8CVSS6.3AI score0.00225EPSS
Exploits0References3
CVE
CVE
added 2025/10/07 11:13 p.m.15 views

CVE-2025-61996

CVE-2025-61996 affects OPEXUS FOIAXpress prior to 11.13.3.0. An administrative user can inject JavaScript or other content into the Annual Report Template, with injected content executed in other users’ sessions when they generate an Annual Report. This constitutes a stored XSS exposure that coul...

4.8CVSS6.3AI score0.00225EPSS
Exploits0References3Affected Software1
ICS
ICS
added 2025/10/07 10:50 p.m.5 views

OPEXUS FOIAXpress stored XSS

RISK EVALUATION OPEXUS FOIAXpress before 11.13.3.0 contains multiple stored cross-site-scripting vulnerabilities. These vulnerabilities allow an authenticated administrative user to inject JavaScript or other content into various components of FOIAXpress. Successful exploitation allows the...

4.8CVSS6.5AI score0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.4 views

PT-2025-41199

Name of the Vulnerable Software and Affected Versions OPEXUS FOIAXpress versions prior to 11.13.3.0 Description An administrative user can inject JavaScript or other content into the Annual Report Enterprise Banner image upload field. This injected content is executed when other users generate an...

4.8CVSS5.5AI score0.00225EPSS
Exploits0References6
The Coalfire Blog
The Coalfire Blog
added 2023/09/19 5:55 p.m.19 views

Penetration testing: shifting paradigms from reactive to proactive

Part 2 in a blog series spotlighting Coalfires 5th Annual Penetration Risk Report...

7AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2023/07/18 3:3 p.m.13 views

The state of cybersecurity compliance in 2023 – part 1

This first blog in the series captures the key takeaways from Coalfires Annual Compliance Report...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/05 11:55 a.m.35 views

The Annual Report: 2024 Plans and Priorities for SaaS Security

Over 55% of security executives report that they have experienced a SaaS security incident in the past two years — ranging from data leaks and data breaches to SaaS ransomware and malicious apps as seen in figures 1 and 2. --- Figure 1. How many organizations have experienced a SaaS security...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/05 11:55 a.m.4 views

The Annual Report: 2024 Plans and Priorities for SaaS Security

Over 55% of security executives report that they have experienced a SaaS security incident in the past two years — ranging from data leaks and data breaches to SaaS ransomware and malicious apps as seen in figures 1 and 2. --- Figure 1. How many organizations have experienced a SaaS security...

6.5AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/03/29 12:0 a.m.11 views

ICS/OT Cybersecurity 2022 TXOne Annual Report Insights

This article gives an in-depth overview of TXOne’s insight report on ICS/OT cyber incidents...

6.8AI score
Exploits0
CISA
CISA
added 2021/09/16 12:0 a.m.22 views

ACSC Releases Annual Cyber Threat Report

The Australian Cyber Security Centre ACSC has released its annual report on key cyber security threats and trends for the 2020–21 financial year. The report lists the exploitation of the pandemic environment, the disruption of essential services and critical infrastructure, ransomware, the rapid...

6.9AI score
Exploits0References2
Malwarebytes
Malwarebytes
added 2021/04/26 11:35 a.m.195 views

11-13 year old girls most likely to be targeted by online predators

The Internet Watch Foundation IWF, a not-for-profit organization in England whose mission is "to eliminate child sexual abuse imagery online", has recently released its analysis of online predator victimology and the nature of sexual abuse media that is currently prevalent online. The scope of th...

7AI score
Exploits0
Akamai Blog
Akamai Blog
added 2021/03/24 4:0 a.m.16 views

Akamai Foundation: Our Chance to Give Back

The Akamai Foundation was set up in 2018 to improve the impact and focus of our long-term philanthropic activities. Importantly, we wanted to support the next generation of technology innovators; promoting the pursuit of excellence in STEM education amongst school children. Our work had an...

2.9AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/03/17 12:0 a.m.9 views

Trend Micro 2020 Annual Cybersecurity Report

Reviewing the most important cybersecurity stories, issues, and trends that occurred over 2020, this annual report aims to equip security leaders with valuable insight and tools so they can focus on both protecting and enabling the organization...

1.6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2021/01/27 5:0 a.m.29 views

Working Together with Our Customers to Build a Sustainable Future

By now, we hope you've read Monday's and Tuesday's blog posts announcing the release of our annual sustainability report, our sustainability program, and the technical innovation behind it...

1.4AI score
Exploits0
Rows per page
Query Builder