CVE-2026-24036
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-01-29
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| horilla | horilla | 1.4.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Horilla HR Software version 1.4.0 (fixed in 1.5.0) allows unauthenticated users to access unpublished job postings through the /recruitment/recruitment-details/{job_id}/ endpoint. Unpublished job posts are meant to be private drafts, but because the view does not check the posting's published state before rendering it, anyone can retrieve draft job titles, descriptions, and application links without logging in. Unauthorized users can therefore read internal hiring information and even submit applications for jobs that are not yet publicly available. [1]
How can this vulnerability impact me?
The impact includes leakage of sensitive internal hiring information such as upcoming hiring plans and department needs, which could be exploited by competitors or cause internal security concerns. It can also cause confusion among job candidates who see and apply for unpublished roles, increasing HR workload to manage these unauthorized applications. Additionally, it may lead to reputational damage for the organization due to perceived poor security practices. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by requesting the endpoint `/recruitment/recruitment-details/{job_id}/` on the Horilla HR Software without any session cookie or credentials, replacing `{job_id}` with the ID of a posting you know is unpublished (an HR administrator can read the ID from the admin UI; from the outside there is no way to tell whether a returned posting was supposed to be hidden). If the draft is returned, the system is vulnerable. A simple command using curl to test this would be: `curl -i http://<host>/recruitment/recruitment-details/<job_id>/`. A 200 response whose body contains the draft job title, description, or application link confirms the exposure; a redirect to the login page or an error response indicates the access check is being enforced. [1]
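As an added example (not Horilla's code and not tooling from this page), the following Python script automates the check above against several postings at once. It assumes an HR administrator has supplied the IDs and titles of postings that are known to be unpublished (the constructed `KNOWN_DRAFTS` list) and that an enforced check either sends the anonymous client somewhere else, for example a login page, or returns a non-200 status; the verdict names and all function names are mine.

```python
"""Probe Horilla's recruitment-details endpoint anonymously for postings that
should be unpublished (CVE-2026-24036). Added example; not Horilla code."""
import re
import urllib.error
import urllib.request
from typing import Callable, Dict, List, Tuple

# Endpoint path as given in the advisory text on this page.
DETAIL_PATH = "/recruitment/recruitment-details/{job_id}/"

# Constructed sample input: (job_id, draft title) pairs copied by an HR admin
# from the Horilla admin UI for postings that are KNOWN to be unpublished.
# Only the admin knows which IDs should be hidden, so this is the oracle.
KNOWN_DRAFTS: List[Tuple[int, str]] = [
    (17, "Senior Platform Engineer"),
    (18, "Head of EMEA Sales"),
]

# A fetcher maps a URL to (status, final_url, body). It is injected so the scan
# logic can be exercised offline against constructed responses.
Fetcher = Callable[[str], Tuple[int, str, str]]


def http_fetch(url: str) -> Tuple[int, str, str]:
    """Anonymous GET: no cookies, no Authorization header. Redirects are
    followed, so a bounce to a login page shows up as a changed final URL."""
    req = urllib.request.Request(url, headers={"User-Agent": "cve-2026-24036-check"})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.geturl(), resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.geturl(), err.read().decode("utf-8", "replace")


def _visible_text(html: str) -> str:
    """Crude tag stripping; enough to look for a known title in a page."""
    return re.sub(r"<[^>]+>", " ", html)


def classify(url: str, status: int, final_url: str, body: str, draft_title: str) -> str:
    """EXPOSED: draft content served to an anonymous client (vulnerable).
    BLOCKED: redirected away (e.g. to login) or a non-200 status (check enforced).
    INCONCLUSIVE: 200 at the same URL, but the known draft title is absent."""
    if final_url != url or status != 200:
        return "BLOCKED"
    if draft_title.lower() in _visible_text(body).lower():
        return "EXPOSED"
    return "INCONCLUSIVE"


def scan(base_url: str, drafts: List[Tuple[int, str]],
         fetch: Fetcher = http_fetch) -> List[Dict[str, object]]:
    """Request every known-unpublished posting anonymously and classify each."""
    results: List[Dict[str, object]] = []
    for job_id, title in drafts:
        url = base_url.rstrip("/") + DETAIL_PATH.format(job_id=job_id)
        status, final_url, body = fetch(url)
        results.append({
            "job_id": job_id,
            "url": url,
            "status": status,
            "verdict": classify(url, status, final_url, body, title),
        })
    return results


def is_vulnerable(results: List[Dict[str, object]]) -> bool:
    """True if any draft posting was served to the anonymous client."""
    return any(r["verdict"] == "EXPOSED" for r in results)


if __name__ == "__main__":
    import sys
    # Hypothetical host; pass your own Horilla base URL as the first argument.
    base = sys.argv[1] if len(sys.argv) > 1 else "http://horilla.example.internal"
    findings = scan(base, KNOWN_DRAFTS)
    for r in findings:
        print(f"{r['verdict']:12} id={r['job_id']} status={r['status']} {r['url']}")
    sys.exit(1 if is_vulnerable(findings) else 0)
```

Run it from a host with no session on the Horilla instance; an `EXPOSED` line means that draft is readable by anyone. `INCONCLUSIVE` results are worth a manual look, since a changed title or a different page template would also produce them.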
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading Horilla HR Software to version 1.5.0 or later, where the vulnerability is fixed by enforcing access control so that only published job postings can be retrieved. If upgrading is not immediately possible, restrict access to the `/recruitment/recruitment-details/{job_id}/` endpoint via network controls or web application firewall rules so that unauthenticated requests never reach the application; note that a rule which merely checks for the presence of a session cookie is not sufficient, since the client controls the cookie. Additionally, review and apply the upstream patch, which adds a filter so that only published recruitments are accessible and returns an error for unpublished ones. [2]
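One way to apply the interim network control described above, as an added example that is not Horilla's own configuration: an nginx reverse-proxy location that only lets trusted source addresses reach the affected endpoint. It assumes Horilla is proxied by nginx through an upstream named `horilla` and that HR staff reach it from `10.0.0.0/8`; both are assumptions to adjust for your deployment.

```nginx
# Added stop-gap for CVE-2026-24036 (example, not Horilla's configuration).
# Assumes: upstream "horilla" is defined elsewhere and HR staff come from
# 10.0.0.0/8. Blocks the affected endpoint for every other source address.
location ~ ^/recruitment/recruitment-details/[^/]+/$ {
    allow 10.0.0.0/8;
    deny  all;

    proxy_pass http://horilla;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
```

This trades availability for confidentiality: external applicants can no longer open published postings through this URL either, so it is only appropriate until 1.5.0 is deployed. Restricting by source address is used rather than a cookie check because the proxy cannot tell a valid session cookie from an arbitrary one without asking the application.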
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows unauthorized access to unpublished job postings, which can lead to leakage of sensitive internal hiring information. This unauthorized disclosure of internal data could potentially impact compliance with data protection regulations such as GDPR, which require protection of personal and sensitive information. Although the CVE description and resources do not explicitly mention compliance with specific standards like GDPR or HIPAA, the exposure of sensitive internal information and potential reputational damage suggest a risk to compliance with privacy and data protection requirements. [1]