OrangeHRM 4.10 suffers from a Referer header injection redirect vulnerability.Referenceshttps://github.com/orangehrm/orangehrm/issues/1174
