7 matches found
CVE-2025-61996
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perfo...
CVE-2025-61996
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perfo...
OPEXUS FOIAXpress 安全漏洞
OPEXUS FOIAXpress is an information disclosure management software from OPEXUS Corporation. A security vulnerability exists in OPEXUS FOIAXpress versions prior to 11.13.3.0 that originates from an administrative user being able to inject JavaScript or other content into the annual report template...
CVE-2025-61996 OPEXUS FOIAXpress stored XSS via annual report template
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perfo...
CVE-2025-61996
CVE-2025-61996 affects OPEXUS FOIAXpress prior to 11.13.3.0. An administrative user can inject JavaScript or other content into the Annual Report Template, with injected content executed in other users’ sessions when they generate an Annual Report. This constitutes a stored XSS exposure that coul...
CVE-2025-61996 OPEXUS FOIAXpress stored XSS via annual report template
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perfo...
OPEXUS FOIAXpress stored XSS
RISK EVALUATION OPEXUS FOIAXpress before 11.13.3.0 contains multiple stored cross-site-scripting vulnerabilities. These vulnerabilities allow an authenticated administrative user to inject JavaScript or other content into various components of FOIAXpress. Successful exploitation allows the...