cvedb.io
CVE-2026-32869
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2026-03-19T16:16:04.013 · Last modified 2026-06-17T10:36:28.900

Summary

OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the contents of the "Name of Organization" field when filling out case information. An authenticated attacker can inject an XSS payload which is executed in the context of a victim's session when they visit the case information page.

Affected products

opexustech — ecase_ecomplaint

Does this affect you?

Add your gear to cvedb and we'll alert you only when opexustech ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.