2 matches found
PT-2026-30969
OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source allowed authenticated users to bypass disabled-module access controls via URL-encoded request paths and access functionality of modules disabled by an administrator. This vulnerability is fix...
Updated nghttp2 packages fix security vulnerability
Malformed request header may cause route matchers or access controls to be bypassed, resulting in escalation of privileges or information disclosure CVE-2019-18802...