Primary

Context

OPEXUS FOIAXpress Public Access Link (PAL) Account-Lockout and CAPTCHA Protection Bypass

Vulnerability

A vulnerability in OPEXUS FOIAXpress Public Access Link (PAL) version 11.1.0 allows unauthenticated remote attackers to bypass account-lockout and CAPTCHA protections. This vulnerability makes it easier to brute force passwords. The issue has been addressed in version 11.12.3.0.

Impact

Exploitation of this vulnerability allows for unauthorized bypass of account-lockout and CAPTCHA mechanisms, facilitating password brute-forcing.

Remediation

Users are advised to upgrade to OPEXUS FOIAXpress PAL version 11.12.3.0.

Added: Jul 31, 2025, 6:20 PM

Updated: Jul 31, 2025, 7:27 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.6

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.6

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OPEXUS FOIAXpress Public Access Link (PAL) Account-Lockout and CAPTCHA Protection Bypass

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating