Security Advisory

CVE-2025-54834

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-07-31 17:26:04

Last updated 2025-07-31 18:16:59

Assigner cisa-cg

State PUBLISHED

Description

OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place.

← Browse all CVEs View on cve.org ↗