High severity7.3NVD Advisory· Published Apr 1, 2025· Updated Apr 15, 2026

CVE-2025-29033

Description

An issue in BambooHR Build v.25.0210.170831-83b08dd allows a remote attacker to escalate privileges via the /saml/index.php?r=" HTTP GET parameter.

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

No linked articles in our index yet.