Vulnerability Details CVE-2026-32867
OPEXUS eComplaint before version 10.1.0.0 allows an unauthenticated attacker to obtain or guess an existing case number and upload arbitrary files via 'Portal/EEOC/DocumentUploadPub.aspx'. Users would see these unexpected files in cases. Uploading a large number of files could consume storage.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.0%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2026-32867
-
cpe:2.3:a:opexustech:ecase_ecomplaint:9.0.45.0