VYPR
Unrated severityNVD Advisory· Published Jan 8, 2026· Updated Jan 8, 2026

OPEXUS eCASE Audit Project Setup stored XSS

CVE-2026-22232

Description

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript in the "A or SIC Number" field within the Project Setup functionality. The JavaScript is executed whenever another user views the project. Fixed in OPEXUS eCASE Audit 11.14.2.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Opexus/eCASE Auditllm-create2 versions
    <11.14.2.0+ 1 more
    • (no CPE)range: <11.14.2.0
    • (no CPE)range: 11.4.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.