Security Advisory
CVE-2026-22234
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
OPEXUS eCasePortal before version 9.0.45.0 allows an unauthenticated attacker to navigate to the Attachments.aspx endpoint, iterate through predictable values of formid, and download or delete all user-uploaded files, or upload new files.