Horilla-hr versions up to 1.5.0 contain a CWE-601 open redirect vulnerability where the notification endpoints accept a 'next' parameter without validation and redirect users to external URLs. This allows attackers to manipulate trusted application URLs to redirect victims to potentially malicious sites. The vulnerability is network exploitable, requires low attack complexity, and user interaction is needed. It does not require privileges or authentication and has limited scope and impact on confidentiality, integrity, and availability.

Successful exploitation enables attackers to use trusted horilla-hr links to redirect users to arbitrary external websites. This can facilitate phishing or social engineering attacks by leveraging the trust users place in the legitimate application’s URLs. There is no direct impact on system confidentiality, integrity, or availability reported.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users and administrators should be cautious about clicking on notification links containing redirect parameters and consider implementing additional validation or filtering on the 'next' parameter if possible.