Opexus Ecomplaint
5 CVEs affecting Opexus Ecomplaint. Latest disclosed: 2026-03-19. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-32865 | Critical | 9.8 | 2026-03-19 | OPEXUS eComplaint and eCASE before version 10.1.0.0 include the secret verification code in the HTTP response when requesting a password reset via 'ForcePasswo… |
CVE-2026-22235 | High | 7.5 | 2026-01-08 | OPEXUS eComplaint before version 9.0.45.0 allows an attacker to visit the the 'DocumentOpen.aspx' endpoint, iterate through predictable values of 'chargeNumber… |
CVE-2026-32869 | Medium | 5.5 | 2026-03-19 | OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the contents of the "Name of Organization" field when filling out case information. An au… |
CVE-2026-32868 | Medium | 5.5 | 2026-03-19 | OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the contents of first and last name fields in the 'My Information' screen. An authenticat… |
CVE-2026-32867 | Medium | 5.4 | 2026-03-19 | OPEXUS eComplaint before version 10.1.0.0 allows an unauthenticated attacker to obtain or guess an existing case number and upload arbitrary files via 'Portal/… |