A cross site request forgery (CSRF) vulnerability exists in Ice Hrm 29.0.0.OS which allows malicious users to create new admin accounts or change users' passwords.
icehrm icehrm 29.0.0.os