CSRF Vulnerability in ICE Hrm 26.2.0 Allows Password Reset via service.php

CSRF Vulnerability in ICE Hrm 26.2.0 Allows Password Reset via service.php

CVE-2020-9270 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php.

Learn more about our Web Application Penetration Testing UK.