CVE-2025-59524
BaseFortify
Publication date: 2025-09-24
Last updated on: 2025-09-29
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| horilla | horilla | to 1.4.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Horilla HRMS versions prior to 1.4.0, where file upload validation is only done on the client side and not enforced on the server. An attacker can bypass client-side checks to upload a malicious executable HTML file. When an administrator or privileged user views this file, the embedded script executes in their context and sends their session cookies or credentials to the attacker, allowing the attacker to impersonate the admin.
How can this vulnerability impact me? :
The vulnerability can lead to an attacker stealing administrator credentials by executing malicious scripts in the admin's browser context. This allows the attacker to impersonate the admin, potentially gaining unauthorized access to sensitive HR data and administrative functions within the Horilla system.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Horilla to version 1.4.0 or later, as this version includes a patch that enforces server-side validation of uploaded files to prevent the vulnerability.