Security Advisory

CVE-2026-22234

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-08 17:12:39
Last updated 2026-03-10 20:39:28
Assigner cisa-cg
State PUBLISHED

Description

OPEXUS eCasePortal before version 9.0.45.0 allows an unauthenticated attacker to navigate to the Attachments.aspx endpoint, iterate through predictable values of formid, and download or delete all user-uploaded files, or upload new files.