CVE-2025-66290 | OrangeHRM up to 5.7 Recruitment improper authorization (GHSA-qf8r-c54j-jw88 / EUVD-2025-199904)

A vulnerability was found in OrangeHRM up to 5.7. It has been rated as critical. Impacted is an unknown function of the component Recruitment Module. The manipulation leads to improper authorization.

This vulnerability is uniquely identified as CVE-2025-66290. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More