← Back

Ecase Audit

ecase_audit

Vendor: Opexustech • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2026-22233
1Opexustech
1Ecase Audit
Feb 5, 2026
Jan 8, 2026
4.8 MEDIUM· v4
5.4 MEDIUM· v3
N/A· v2
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment in the "Estimated Staff Hours" field. The JavaScript is executed whenever another user visits the Project Cost tab. Fixed in OPEXUS eCAS...Show more
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment in the "Estimated Staff Hours" field. The JavaScript is executed whenever another user visits the Project Cost tab. Fixed in OPEXUS eCASE Audit 11.14.2.0.Show less
CVE-2026-22232
1Opexustech
1Ecase Audit
Feb 5, 2026
Jan 8, 2026
4.8 MEDIUM· v4
5.4 MEDIUM· v3
N/A· v2
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript in the "A or SIC Number" field within the Project Setup functionality. The JavaScript is executed whenever another user views the project. Fixed in O...Show more
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript in the "A or SIC Number" field within the Project Setup functionality. The JavaScript is executed whenever another user views the project. Fixed in OPEXUS eCASE Audit 11.14.2.0.Show less
CVE-2026-22231
1Opexustech
1Ecase Audit
Feb 5, 2026
Jan 8, 2026
4.8 MEDIUM· v4
5.4 MEDIUM· v3
N/A· v2
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPE...Show more
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0.Show less
CVE-2026-22230
1Opexustech
1Ecase Audit
Jan 26, 2026
Jan 8, 2026
7.2 HIGH· v4
7.6 HIGH· v3
N/A· v2
OPEXUS eCASE Audit allows an authenticated attacker to modify client-side JavaScript or craft HTTP requests to access functions or buttons that have been disabled or blocked by an administrator. Fixed in eCASE Platform 1...Show more
OPEXUS eCASE Audit allows an authenticated attacker to modify client-side JavaScript or craft HTTP requests to access functions or buttons that have been disabled or blocked by an administrator. Fixed in eCASE Platform 11.14.1.0.Show less