Cross-Site Request Forgery Vulnerability in Ice Hrm by Ice Hrm
CVE-2021-34244
8.8HIGH
What is CVE-2021-34244?
A significant cross-site request forgery (CSRF) vulnerability exists in the Ice Hrm software version 29.0.0.OS, enabling malicious actors to exploit this weakness to perform unauthorized actions. Specifically, attackers can potentially create new administrative accounts or modify existing users' passwords without proper authentication or consent. This flaw underscores the need for robust security measures to safeguard user accounts and sensitive data within web applications.
