CVE-2025-25241

Due to a missing authorization check, an attacker who is logged in to application can view/ delete ?My Overtime Requests? which could allow the attacker to access employee information. This leads to low impact on confidentiality, integrity of the application. There is no impact on availability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt