ГлавнаяУязвимости → CVE-2026-22235
7.5высокая

CVE-2026-22235

Описание

OPEXUS eComplaint before version 9.0.45.0 allows an attacker to visit the the 'DocumentOpen.aspx' endpoint, iterate through predictable values of 'chargeNumber', and download any uploaded files.

Затрагиваемое ПО
Opexustech Ecase ecomplaint
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-26-008-02.jsonhttps://www.cve.org/CVERecord?id=CVE-2026-22235