OrangeHRM Open Source Self-Appraisal Integrity Vulnerability for Administrators

Vulnerability

A vulnerability in OrangeHRM Open Source versions 5.0 through 5.8 allows administrator users to modify self-appraisal submissions after they have been marked as completed. This issue disrupts the integrity of finalized appraisal records. The vulnerability has been addressed in version 5.8.1.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in self-appraisal records, allowing for the manipulation of finalized appraisal evaluations.

Remediation

Users can upgrade to OrangeHRM Open Source version 5.8.1 to address this vulnerability.

Added: Apr 7, 2026, 8:02 PM
Updated: Apr 7, 2026, 8:02 PM

Vulnerability Rating

Custom Algorithm
spread: 3.1
impact: 0.6
exploitability: 4.8
remediation: 7.7
relevance: 5.4
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.