Skip to main content

Horilla CVE-2026-24010

HIGH
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)
2026-01-22 security-advisories@github.com
8.0
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.0 HIGH
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
PoC Detected
Jan 29, 2026 - 20:00 vuln.today
Public exploit code
CVE Published
Jan 22, 2026 - 03:15 nvd
HIGH 8.0

DescriptionGitHub Advisory

Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versions prior to 1.5.0, with Social Engineering, allows authenticated users to deploy phishing attacks. By uploading a malicious HTML file disguised as a profile picture, an attacker can create a convincing login page replica that steals user credentials. When a victim visits the uploaded file URL, they see an authentic-looking "Session Expired" message prompting them to re-authenticate. All entered credentials are captured and sent to the attacker's server, enabling Account Takeover. Version 1.5.0 patches the issue.

AnalysisAI

Horilla versions up to 1.5.0 contains a vulnerability that allows attackers to deploy phishing attacks (CVSS 8.0).

Technical ContextAI

affects Horilla. Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versions prior to 1.5.0, with Social Engineering, allows authenticated users to deploy phishing attacks. By uploading a malicious HTML file disguised as a profile picture, an attacker can create a convincing login page replica that steals user credentials. When a victim visits the uploaded file URL, they see an authentic-looking "Session Expired" message prompting them to re-authent

RemediationAI

Monitor vendor advisories for a patch. Validate file types by content. Store uploads outside web root. Restrict network access to the affected service where possible.

CVE-2026-24038 HIGH POC
8.1 Jan 22

Horilla HRMS versions prior to 1.5.0 allow authenticated attackers to bypass two-factor authentication due to improper O

CVE-2025-59525 HIGH POC
7.7 Sep 24

Horilla is a free and open source Human Resource Management System (HRMS). Rated high severity (CVSS 7.7), this vulnerab

CVE-2025-48868 HIGH POC
7.2 Sep 24

Horilla is a free and open source Human Resource Management System (HRMS). Rated high severity (CVSS 7.2), this vulnerab

CVE-2026-24034 MEDIUM POC
5.4 Jan 22

Horilla versions up to 1.5.0 is affected by unrestricted upload of file with dangerous type (CVSS 5.4).

CVE-2026-24036 MEDIUM POC
5.3 Jan 22

Horilla HRMS versions 1.4.0 and above allow unauthenticated access to unpublished job postings through the /recruitment/

CVE-2024-12138 MEDIUM POC
5.3 Dec 04

A vulnerability classified as critical was found in horilla up to 1.2.1. Rated medium severity (CVSS 5.3), this vulnerab

CVE-2025-48867 MEDIUM POC
4.8 Sep 24

Horilla is a free and open source Human Resource Management System (HRMS). Rated medium severity (CVSS 4.8), this vulner

CVE-2026-24037 MEDIUM POC
4.8 Jan 22

Horilla HRMS version 1.4.0 contains insufficient input validation in its XSS prevention function, allowing attackers to

CVE-2026-40866 HIGH
8.6 Apr 21

Authenticated users in Horilla HRMS 1.5.0 can overwrite or corrupt any employee's documents via insecure direct object r

CVE-2026-24035 MEDIUM POC
4.3 Jan 22

Horilla is a free and open source Human Resource Management System (HRMS). [CVSS 4.3 MEDIUM]

CVE-2026-24039 MEDIUM POC
4.3 Jan 22

Horilla HRMS 1.4.0 contains insufficient server-side authorization checks that permit low-privileged employees to self-a

CVE-2026-40867 HIGH
7.1 Apr 21

Broken access control in Horilla HRMS 1.5.0 helpdesk module allows any authenticated employee to view support ticket att

Share

CVE-2026-24010 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy