Lucene search
K
OpexustechEcase Audit

4 matches found

CVE
CVE
added 2026/01/08 5:10 p.m.19 views

CVE-2026-22230

CVE-2026-22230 affects OPEXUS eCASE Audit with vulnerability due to incorrect access control that allows an authenticated attacker to modify client-side JavaScript or craft HTTP requests to access functions or buttons that administrators have disabled or blocked. The publicly documented fix is in...

7.6CVSS6.4AI score0.00285EPSS
CVE
CVE
added 2026/01/08 5:11 p.m.17 views

CVE-2026-22233

Issue overview : OPEXUS eCASE Audit is vulnerable to a stored XSS when an authenticated user saves JavaScript in the Estimated Staff Hours field. When another user visits the Project Cost tab, the injected script executes in their browser. Affected software/versions : OPEXUS eCASE Audit (versions...

5.5CVSS6.3AI score0.00207EPSS
CVE
CVE
added 2026/01/08 5:10 p.m.13 views

CVE-2026-22232

OPEXUS eCASE Audit contains a stored cross-site scripting vulnerability in the Project Setup function. An authenticated attacker can save JavaScript in the “A or SIC Number” field, which is then executed when another user views the project. This affects the eCASE Audit component prior to version ...

5.5CVSS6.3AI score0.00207EPSS
CVE
CVE
added 2026/01/08 5:10 p.m.11 views

CVE-2026-22231

OPEXUS eCASE Audit is affected by a stored XSS in the Document Check Out comments. An authenticated attacker can save JavaScript as a comment, which is executed when another user views the Action History Log. Affected product: OPEXUS eCASE Audit (server-side application). Root cause: stored JavaS...

5.5CVSS6.3AI score0.00207EPSS