CVE-2025-66291 | OrangeHRM up to 5.7 Recruitment improper authorization (GHSA-v32g-r8xx-4g6g / EUVD-2025-199903)

A vulnerability categorized as critical has been discovered in OrangeHRM up to 5.7. The affected element is an unknown function of the component Recruitment Module. The manipulation results in improper authorization.

This vulnerability was named CVE-2025-66291. The attack may be performed from remote. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More