exploitDog

GHSA-7cgr-2c4h-cvgf

Опубликовано: 08 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 4.8

CVSS3: 5.5

Описание

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0.

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0.

Ссылки

EPSS

Процентиль: 8%

0.00029

Низкий

4.8 Medium

CVSS4

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2026-22231

CVSS3: 5.5

nvd

около 1 месяца назад

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0.

EPSS

Процентиль: 8%

0.00029

Низкий

4.8 Medium

CVSS4

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79