CSRF Vulnerability in Ice Hrm 29.0.0.OS Allows Unauthorized Account Creation and Password Modification

CSRF Vulnerability in Ice Hrm 29.0.0.OS Allows Unauthorized Account Creation and Password Modification

CVE-2021-34244 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A cross site request forgery (CSRF) vulnerability was discovered in Ice Hrm 29.0.0.OS which allows attackers to create new admin accounts or change users' passwords.

Learn more about our User Device Pen Test.