CVE-2025-2589

Severity CVSS v4.0:
MEDIUM
Type:
Unavailable / Other
Publication date:
21/03/2025
Last modified:
01/04/2025

Description

A vulnerability was found in code-projects Human Resource Management System 1.0.1 and classified as critical. This issue affects the function Index of the file \handler\Account.go. The manipulation of the argument user_cookie leads to improper authorization. The exploit has been disclosed to the public and may be used.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:code-projects:human_resource_management:1.0.1:*:*:*:*:*:*:*