FKIE_CVE-2026-24035

Vulnerability from fkie_nvd - Published: 2026-01-22 04:15 - Updated: 2026-01-29 19:02
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
Horilla is a free and open source Human Resource Management System (HRMS). An Improper Access Control vulnerability exists in Horilla HR Software starting in version 1.4.0 and prior to version 1.5.0, allowing any authenticated employee to upload documents on behalf of another employee without proper authorization. This occurs due to insufficient server-side validation of the employee_id parameter during file upload operations, allowing any authenticated employee to upload document in behalf of any employee. Version 1.5.0 fixes the issue.
References
security-advisories@github.comhttps://drive.google.com/file/d/1i00-NnipvxH8bGY-SyqEjnDQfxIbVGRR/view?usp=sharingExploit
security-advisories@github.comhttps://github.com/horilla-opensource/horilla/releases/tag/1.5.0Release Notes
security-advisories@github.comhttps://github.com/horilla-opensource/horilla/security/advisories/GHSA-fm3f-xpgx-8xr3Exploit, Vendor Advisory
Impacted products
Vendor Product Version
horilla horilla 1.4.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:horilla:horilla:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55143854-C369-4CAA-B671-90EFC9170F64",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Horilla is a free and open source Human Resource Management System (HRMS). An Improper Access Control vulnerability exists in Horilla HR Software starting in version 1.4.0 and prior to version 1.5.0, allowing any authenticated employee to upload documents on behalf of another employee without proper authorization. This occurs due to insufficient server-side validation of the employee_id parameter during file upload operations, allowing any authenticated employee to upload document in behalf of any employee. Version 1.5.0 fixes the issue."
    },
    {
      "lang": "es",
      "value": "Horilla es un Sistema de Gesti\u00f3n de Recursos Humanos (HRMS) gratuito y de c\u00f3digo abierto. Existe una vulnerabilidad de control de acceso inadecuado en el software Horilla HR a partir de la versi\u00f3n 1.4.0 y anterior a la versi\u00f3n 1.5.0, que permite a cualquier empleado autenticado subir documentos en nombre de otro empleado sin la autorizaci\u00f3n adecuada. Esto ocurre debido a una validaci\u00f3n insuficiente del lado del servidor del par\u00e1metro employee_id durante las operaciones de carga de archivos, lo que permite a cualquier empleado autenticado subir documentos en nombre de cualquier empleado. La versi\u00f3n 1.5.0 corrige el problema."
    }
  ],
  "id": "CVE-2026-24035",
  "lastModified": "2026-01-29T19:02:03.140",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-01-22T04:15:59.453",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://drive.google.com/file/d/1i00-NnipvxH8bGY-SyqEjnDQfxIbVGRR/view?usp=sharing"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/horilla-opensource/horilla/releases/tag/1.5.0"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/horilla-opensource/horilla/security/advisories/GHSA-fm3f-xpgx-8xr3"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.