exploitDog

GHSA-v7w8-9cgx-wgv4

Опубликовано: 08 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 8.7

CVSS3: 7.5

Описание

OPEXUS eComplaint before version 9.0.45.0 allows an attacker to visit the the 'DocumentOpen.aspx' endpoint, iterate through predictable values of 'chargeNumber', and download any uploaded files.

OPEXUS eComplaint before version 9.0.45.0 allows an attacker to visit the the 'DocumentOpen.aspx' endpoint, iterate through predictable values of 'chargeNumber', and download any uploaded files.

Ссылки

EPSS

Процентиль: 12%

0.00042

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2026-22235

CVSS3: 7.5

nvd

около 1 месяца назад

OPEXUS eComplaint before version 9.0.45.0 allows an attacker to visit the the 'DocumentOpen.aspx' endpoint, iterate through predictable values of 'chargeNumber', and download any uploaded files.

EPSS

Процентиль: 12%

0.00042

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639