CVE-2021-34244

CVE-2021-34244

EPSS 0.6%

A cross site request forgery (CSRF) vulnerability was discovered in Ice Hrm 29.0.0.OS which allows attackers to create new admin accounts or change users' passwords.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/xoffense/POC/blob/main/Account%20takeover%20using%20CSRF%20in%20ICE%20Hrm%20Version%2029.0.0.OS.md