Vulnerabilities > Icehrm > Icehrm > 26.2.0.os

DATE CVE VULNERABILITY TITLE RISK
2020-02-18 CVE-2020-9271 Cross-Site Request Forgery (CSRF) vulnerability in Icehrm 26.2.0.Os
ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php.
network
icehrm CWE-352
4.3
4.3
2020-02-18 CVE-2020-9270 Cross-Site Request Forgery (CSRF) vulnerability in Icehrm 26.2.0.Os
ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php.
network
icehrm CWE-352
6.8
6.8