OrangeHRM Password Reset Workflow Vulnerability Leading to Account Takeover

Vulnerability

A vulnerability in OrangeHRM's password reset workflow, present in versions 5.0 through 5.7, allows for account takeover. The issue arises because the system does not verify that the username in the final reset request matches the account for which the reset was initiated. An attacker who obtains a valid reset link can manipulate the username parameter to target a different user. This unvalidated username acceptance enables the attacker to reset the password for any account, including those with privileged access.
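The following is an added illustration of the flaw class described above, written as a self-contained Python model of a password-reset flow. It is not OrangeHRM's code and makes no claim about its internals: the class name, the in-memory stores, the user names and the password-hash values are all constructed. The vulnerable handler trusts the username parameter in the final request; the fixed handler writes only to the account the token was issued for, rejects any mismatch, invalidates the token and records an audit event that a detection pipeline could alert on.

```python
import hashlib
import hmac
import secrets
import time


class PasswordResetService:
    """Minimal model of a reset flow (constructed example, not OrangeHRM code)."""

    def __init__(self, users, ttl_seconds=900):
        self.users = dict(users)   # username -> password hash (constructed values)
        self.tokens = {}           # sha256(token) -> (bound username, expiry)
        self.ttl = ttl_seconds
        self.audit_log = []        # events a SIEM rule could consume

    @staticmethod
    def _digest(token):
        # Store only a hash of the token so a database leak does not expose live tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue_reset_token(self, username):
        # Responding identically for unknown users avoids account enumeration.
        if username not in self.users:
            return None
        token = secrets.token_urlsafe(32)
        self.tokens[self._digest(token)] = (username, time.monotonic() + self.ttl)
        return token

    def _lookup(self, token):
        key = self._digest(token)
        entry = self.tokens.get(key)
        if entry is None or entry[1] < time.monotonic():
            return None
        return key, entry[0]

    def reset_vulnerable(self, token, submitted_username, new_hash):
        # Flawed pattern: the token is checked for existence and expiry only,
        # and the password write goes to whatever username the request names.
        found = self._lookup(token)
        if found is None:
            return False
        key, _bound_user = found
        self.users[submitted_username] = new_hash
        del self.tokens[key]
        return True

    def reset_fixed(self, token, submitted_username, new_hash):
        # Hardened pattern: the token is bound to one account at issue time and the
        # final request must name that same account; the write ignores the parameter.
        found = self._lookup(token)
        if found is None:
            return False
        key, bound_user = found
        if not hmac.compare_digest(bound_user.encode(), submitted_username.encode()):
            # A mismatch is an abuse signal: log it and burn the token.
            self.audit_log.append(("reset_username_mismatch", bound_user, submitted_username))
            del self.tokens[key]
            return False
        self.users[bound_user] = new_hash
        del self.tokens[key]
        return True


if __name__ == "__main__":
    svc = PasswordResetService({"alice": "h-alice", "admin": "h-admin"})
    tok = svc.issue_reset_token("alice")
    print("fixed handler accepts mismatched username:", svc.reset_fixed(tok, "admin", "h-new"))
    print("audit events:", svc.audit_log)
```

The essential change is that the account to modify is taken from the server-side token record, never from the request body; the username comparison is then only a consistency check whose failure is worth logging, because a legitimate client never produces it.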

Impact

Exploiting this vulnerability allows an attacker to take over any user account, including accounts with administrative privileges.

Remediation

Users can upgrade to OrangeHRM version 5.8 to address this vulnerability.

Added: Nov 29, 2025, 4:18 AM
Updated: Nov 29, 2025, 4:18 AM

Vulnerability Rating

Custom Algorithm

spread: 3.1
impact: 5.0
exploitability: 5.2
remediation: 7.7
relevance: 1.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.