Vulnerability Details CVE-2025-2589
A vulnerability was found in code-projects Human Resource Management System 1.0.1 and classified as critical. This issue affects the function Index of the file \handler\Account.go. The manipulation of the argument user_cookie leads to improper authorization. The exploit has been disclosed to the public and may be used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.4%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 5.2
References
Products affected by CVE-2025-2589
-
cpe:2.3:a:code-projects:human_resource_management:1.0.1