CVE-2026-32866
OPEXUS eComplaint and eCASE prior to version 10.2.0.0 are affected by a stored XSS vulnerability in profile name handling. An authenticated user can inject parts of an XSS payload into their first and last name fields, and the payload is executed when the full name is rendered, allowing script ex...