A vulnerability identified as critical has been detected in manjurulhoque django-job-portal up to dfa352f305bba44445ac5dc12e9b2a98c9dcd71f. Affected by this vulnerability is the function
EditEmployeeProfileAPIView of the file accounts/api/views.py of the component Employee Dashboard Endpoint. This manipulation of the argument role causes improper access controls.
This vulnerability appears as CVE-2026-15188. The attack may be initiated remotely. In addition, an exploit is available.
This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.
The project was informed of the problem early through an issue report but has not responded yet.