4 matches found
CVE-2025-54834
OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place...
CVE-2025-54834
OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place...
CVE-2025-54834 OPEXUS FOIAXpress Public Access Link (PAL) unauthenticated username enumeration
OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place...
CVE-2025-54834
CVE-2025-54834 affects OPEXUS FOIAXpress PAL v11.1.0. An unauthenticated attacker can query the /App/CreateRequest.aspx endpoint to enumerate valid usernames due to absent rate limiting. Impact is exposure of user existence; CVSS vectors cited in public records show network access with low to mod...