CVE-2026-45081
MEDIUM SEVERITYCVSS Score & Metrics
Base Score
6.5 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Description
Frappe HR is an open-source human resources management solution (HRMS). Prior to 16.5.0, authenticated employees could access other employees’ leave details due to improper authorization checks. This vulnerability is fixed in 16.5.0.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-863
Source
NVD
Vendor
frappe
Product
hrms
Discussion (0)
Add Comment
No comments yet. Be the first!