CVE-2024-10598 | Tongda OA 11.2/11.3/11.4/11.5/11.6 Annual Leave data.php improper authorization
A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization.
This vulnerability was named CVE-2024-10598. The attack can be initiated remotely. Furthermore, there is an exploit available.