exploitDog

GHSA-mj74-6q5x-phrf

Опубликовано: 08 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 4.8

CVSS3: 5.5

Описание

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript in the "A or SIC Number" field within the Project Setup functionality. The JavaScript is executed whenever another user views the project. Fixed in OPEXUS eCASE Audit 11.14.2.0.

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript in the "A or SIC Number" field within the Project Setup functionality. The JavaScript is executed whenever another user views the project. Fixed in OPEXUS eCASE Audit 11.14.2.0.

Ссылки

EPSS

Процентиль: 8%

0.00029

Низкий

4.8 Medium

CVSS4

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2026-22232

CVSS3: 5.5

nvd

30 дней назад

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript in the "A or SIC Number" field within the Project Setup functionality. The JavaScript is executed whenever another user views the project. Fixed in OPEXUS eCASE Audit 11.14.2.0.

EPSS

Процентиль: 8%

0.00029

Низкий

4.8 Medium

CVSS4

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79