{"id":"CVE-2025-63294","details":"WorkDo HRM SaaS HR and Payroll Tool 8.1 is affected vulnerable to Insecure Permissions. An authenticated user can create leave or resignation records on behalf of other users.","modified":"2026-03-13T11:36:23.854701Z","published":"2025-11-04T16:16:01.090Z","references":[{"type":"WEB","url":"https://codecanyon.net/item/hrm-saas-hr-and-payroll-tool/25982934"},{"type":"WEB","url":"https://workdo.io/hrm-saas-human-resource-management-software/"},{"type":"EVIDENCE","url":"https://medium.com/@barrattjack89/cve-2025-63294-insecure-permissions-in-workdo-hrm-saas-hr-and-payroll-8-1-d6bb03c21177"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-63294.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.1"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}]}