A vulnerability has been found in OPEXUS eComplaint and eCASE and classified as problematic . Affected by this vulnerability is an unknown functionality of the component User Profile Handler . The manipulation of the argument first name/last name leads to cross site scripting. This vulnerability is referenced as CVE-2026-32866 . Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.