📦 Foiaxpress

CVE-2025-62586 is a critical authentication bypass vulnerability in OPEXUS FOIAXpress that allows remote, unauthenticated attackers to reset administrator passwords. This affects all organizations usi...

OPEXUS FOIAXpress versions before 11.13.3.0 contain a stored cross-site scripting (XSS) vulnerability in the Annual Report Enterprise Banner image upload field. Administrative users can inject malicio...

This vulnerability allows administrative users in OPEXUS FOIAXpress to inject malicious JavaScript or content into the Technical Support Hyperlink Manager. When other users click these links, the inje...

OPEXUS FOIAXpress versions before 11.13.3.0 contain a stored cross-site scripting (XSS) vulnerability where administrative users can upload malicious SVG images containing JavaScript. When other users...

This vulnerability allows administrative users in OPEXUS FOIAXpress to inject malicious JavaScript into Annual Report Templates. When other users generate these reports, the injected code executes in ...