CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-22232

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript in the "A or SIC Number" field within the Project Setup functionality. The JavaScript is executed whenever another user views the project. Fixed in OPEXUS eCASE Audit 11.14.2.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.3%

CVSS Severity

CVSS v3 Score 5.5

References

https://docs.opexustech.com/docs/oig/audit/eCase_Audit_Release_Notes_11.14.2.0.pdf
https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-26-008-01.json
https://www.cve.org/CVERecord?id=CVE-2026-22232

Products affected by CVE-2026-22232

Opexustech » Ecase Audit » Version: Any

cpe:2.3:a:opexustech:ecase_audit:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-22232

Products

Pricing

Contact Us