CVE-2026-24036 Horilla Exposes Unpublished Job Disclosures through Unauthenticated API

Horilla is a free and open source Human Resource Management System HRMS. Versions 1.4.0 and above expose unpublished job postings through the /recruitment/recruitment-details// endpoint without authentication. The response includes draft job titles, descriptions and application link allowing...