CSRF Vulnerability in ICE Hrm 26.2.0 Affects User Creation
CVE-2020-9271
6.5MEDIUM
What is CVE-2020-9271?
ICE Hrm version 26.2.0 is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability that enables unauthorized user account creation via the 'service.php' endpoint. This security flaw can be exploited by attackers to craft malicious requests that can lead to the proliferation of unwanted user accounts within the system, raising significant security concerns for organizations utilizing this product.
