Ecase Audit
CVE-2026-22231
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Lifecycle Timeline
2DescriptionCVE.org
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0.
AnalysisAI
OPEXUS eCASE Audit's Document Check Out feature contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious JavaScript into comments, which executes in the browsers of other users viewing the Action History Log. This could enable attackers with valid credentials to steal session tokens, perform unauthorized actions, or compromise other users' accounts. No patch is currently available for affected installations.
Technical ContextAI
Classified as CWE-79 (Cross-site Scripting (XSS)). Affects the Document Check Out component of Ecase Audit. OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0.
RemediationAI
Monitor vendor advisories for a patch. Implement output encoding and Content Security Policy headers. Restrict network access to the affected service where possible.
More in Ecase Audit
View allOPEXUS eCASE Audit contains an access control bypass that allows authenticated users to circumvent administrative restri
Stored cross-site scripting in OPEXUS eCASE Audit enables authenticated users to inject malicious JavaScript through the
Stored cross-site scripting in OPEXUS eCASE Audit's Project Setup functionality allows authenticated users to inject mal
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today