CVE-2026-40867
HIGHHorilla: Unauthorized Helpdesk Attachment Access via Attachment ID Manipulation
Title source: cnaDescription
Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, a broken access control vulnerability in the helpdesk attachment viewer allows any authenticated user to view attachments from other tickets by changing the attachment ID. This can expose sensitive support files and internal documents across unrelated users or teams.
References (1)
Core 1
Core References
X_Refsource_Confirm x_refsource_confirm
https://github.com/horilla/horilla-hr/security/advisories/GHSA-j6qp-j853-qrff
Scores
CVSS v4
7.1
EPSS
0.0021
EPSS Percentile
10.8%
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-284
CWE-639
Status
published
Products (1)
horilla-opensource/horilla
1.5.0
Published
Apr 21, 2026
Tracked Since
Apr 22, 2026