Vulnerabilities

CVE-2025-54834

by Fred · 31/07/2025

OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place.

Assigner : cisa@example.com

More information : https://docs.opexustech.com/docs/foiaxpress/11.12.0/FOIAXpress_Release_notes_11.12.3.0.pdf

Similar

Tags: Cybersecurity Alert