horilla-opensource

Top products

The 15 most recently published vulnerabilities affecting horilla-opensource.

• CVE-2026-3050horilla-opensource horilla Leads global.js cross site scripting3.5Feb 24, 2026
• CVE-2026-3049horilla-opensource horilla Query Parameter global_search.py get redirect4.3Feb 24, 2026
• CVE-2026-24039Horilla's Improper Access Control Allows Employees to Auto-Approve Documents4.3Jan 22, 2026
• CVE-2026-24038Horilla HR has 2FA Bypass through its OTP Handling Logic8.1Jan 22, 2026
• CVE-2026-24037Horilla HRM has XSS Bypass through Project Name4.8Jan 22, 2026
• CVE-2026-24036Horilla Exposes Unpublished Job Disclosures through Unauthenticated API5.3Jan 22, 2026
• CVE-2026-24035Horilla has Improper Access Control Issue that Allows Unauthorized Document Upload on Behalf of Another Employee4.3Jan 22, 2026
• CVE-2026-24034Horilla has File Upload XSS5.4Jan 22, 2026
• CVE-2026-24010Horilla has HTML Injection Issue that, with Phishing, Leads to Account Takeover8.0Jan 22, 2026
• CVE-2025-59832Horrila Stored XSS Vulnerability via Ticket Comment section9.9Sep 25, 2025
• CVE-2025-59525Horilla has Improper Input Sanitization Leading to XSS and Admin Account Takeover6.1Sep 24, 2025
• CVE-2025-59524Horilla Stored XSS Vulnerability via File Upload in Reimbursement Panel6.1Sep 24, 2025
• CVE-2025-48867Horilla Stored Cross-Site Scripting (XSS) Vulnerability in Project and Task Modules4.8Sep 24, 2025
• CVE-2025-48869Horilla Unauthorized Access to Candidate Resume Files Due to Broken Access Control7.5Sep 24, 2025
• CVE-2025-48868Horilla vulnerable to authenticated RCE via eval() in project_bulk_archive7.2Sep 24, 2025