OPEXUS FOIAXpress Public Access Link (PAL) account-lockout and CAPTCHA protection bypass

July 31, 2025 invoker category_cve

CVE Details

Basic Information

Title OPEXUS FOIAXpress Public Access Link (PAL) account-lockout and CAPTCHA protection bypass
Type cve
Published 2025-07-31T17:26:31.457Z
Modified 2025-07-31T18:17:13.271Z

Product Information

Vendor OPEXUS
Product FOIAXpress Public Access Link (PAL)
Version 11.1.0

CVSS Information

Base Score 5.3 (MEDIUM)
Attack Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Analysis

AI Description A vulnerability in OPEXUS FOIAXpress Public Access Link (PAL) version 11.1.0 allows attackers to bypass account lockout and CAPTCHA protections, enabling easier brute-force attacks.
AI Severity Medium
AI Vendor OPEXUS
AI Product FOIAXpress Public Access Link (PAL)
AI Version 11.1.0

Affected Products

  • OPEXUS FOIAXpress Public Access Link (PAL) 11.1.0

Additional Information

CWE List CWE-307, CWE-602
Source cisa-cg

Description

OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows attackers to bypass account-lockout and CAPTCHA protections. Unauthenticated remote attackers can more easily brute force passwords.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.