Horilla is an open-source Human Resource Management System widely used for managing employee data and HR workflows. In version 1.4.0, a critical flaw exists in the access control mechanism governing document approval. Specifically, the server-side authorization checks on the document approval endpoint are insufficient, allowing users with only employee-level privileges to approve documents they have uploaded themselves. The document approval UI is designed to be accessible only by administrators or users with elevated privileges, but the backend does not enforce this restriction properly. This vulnerability (CWE-284: Improper Access Control) enables low-privileged users to modify application state reserved for higher privilege roles, effectively bypassing intended security controls. Exploiting this flaw can lead to acceptance of unvetted or fraudulent documents such as credentials or certifications, compromising HR process integrity. The vulnerability has a CVSS 3.1 base score of 4.3, reflecting low attack complexity and no user interaction required, but limited impact on confidentiality and availability. The issue is resolved in Horilla version 1.5.0, which implements proper server-side authorization checks. No public exploits or widespread attacks have been reported to date.

For European organizations using Horilla HRMS, this vulnerability poses a significant risk to the integrity of HR workflows. Unauthorized self-approval of documents can lead to acceptance of fraudulent or unverified credentials, certifications, or other critical employee documentation. This could result in hiring unqualified personnel, regulatory compliance violations, and damage to organizational reputation. While the vulnerability does not directly impact confidentiality or availability, the integrity compromise can have downstream effects on operational security and trustworthiness of HR data. Organizations in regulated sectors such as finance, healthcare, and government are particularly vulnerable to compliance risks arising from manipulated HR records. The ease of exploitation by any employee without elevated privileges increases the likelihood of insider misuse or accidental abuse. Although no known exploits are currently active, the presence of this vulnerability in production environments should be treated seriously to prevent potential insider threats or targeted attacks leveraging this flaw.

European organizations should immediately upgrade Horilla HRMS installations to version 1.5.0 or later, where the improper access control issue is fixed. Until upgrading is possible, implement compensating controls such as restricting access to the document approval interface at the network or application firewall level to only trusted administrator IPs or VPNs. Conduct thorough audits of document approval logs to detect any unauthorized approvals and revoke or revalidate suspicious documents. Enforce strict role-based access control (RBAC) policies and monitor user activity for anomalous behavior related to document management. Additionally, implement multi-factor authentication (MFA) for administrator accounts to reduce risk of privilege escalation. Regularly review and update HR process workflows to include manual verification steps for critical approvals. Finally, educate HR staff and employees about the risks of unauthorized approvals and encourage reporting of suspicious activities.