CVE-2021-34244

CVE-2021-34244

EPSS 0.6%

A cross site request forgery (CSRF) vulnerability was discovered in Ice Hrm 29.0.0.OS which allows attackers to create new admin accounts or change users' passwords.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/xoffense/POC/blob/main/Account%20takeover%20using%20CSRF%20in%20ICE%20Hrm%20Version%2029.0.0.OS.md