Vulnerabilities

CVE-2026-24034 - Horilla has File Upload XSS

2026-01-22 0 views admin
CVE-2026-24034 - Horilla has File Upload XSS

CVE ID : CVE-2026-24034 Published : Jan. 22, 2026, 2:41 a.m. | 1 hour, 4 minutes ago Description : Horilla is a free and open source Human Resource Management System (HRMS). In versions prior to 1.5.0, a cross-site scripting vulnerability can be triggered because the extension and content-type are not checked during the profile photo update step. Version 1.5.0 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

Published
Jan. 22, 2026

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-24034

More from Vulnerabilities

CVE-2026-0920 - LA-Studio Element Kit for Elementor <= 1.5.6.3 - unauthenticated privilege escala...

CVE-2026-0920 - LA-Studio Element Kit for Elementor <= 1.5.6.3 - unauthenticated privilege escala...

2026-01-22 0
CVE-2026-24038 - Horilla HR has 2FA Bypass through its OTP Handling Logic

CVE-2026-24038 - Horilla HR has 2FA Bypass through its OTP Handling Logic

2026-01-22 0
CVE-2026-24037 - Horilla HRM has XSS Bypass through Project Name

CVE-2026-24037 - Horilla HRM has XSS Bypass through Project Name

2026-01-22 0
CVE-2026-24036 - Horilla Exposes Unpublished Job Disclosures through Unauthenticated API

CVE-2026-24036 - Horilla Exposes Unpublished Job Disclosures through Unauthenticated API

2026-01-22 0

Trending

1

Tech: Go-legacy-winxp: Compile Golang 1.24 code for Windows XP

2026-01-15 • 4457 views
2

Tech: Data is the only moat

2026-01-15 • 4133 views
3

Tech: Pocket TTS: A high quality TTS that gives your CPU a voice

2026-01-15 • 3239 views
4

Tech: AWS European Sovereign Cloud

2026-01-15 • 2741 views
5

Tech: JuiceFS is a distributed POSIX file system built on top of Redis and S3

2026-01-15 • 2719 views