Cross-Site Request Forgery in IceHrm 31.0.0.OS
CVE-2022-26588
6.5MEDIUM
What is CVE-2022-26588?
A Cross-Site Request Forgery (CSRF) vulnerability exists in IceHrm version 31.0.0.OS, allowing attackers to exploit the app/service.php endpoint. This flaw can be leveraged to delete arbitrary user accounts or potentially take over existing accounts, posing significant risks to user data and system integrity.
