Vulnerability Spotlight: SQL injection vulnerability in Glacies IceHRM

Yuri Kramarz of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.

Cisco Talos researchers recently discovered that the Glacies’ IceHRM software contains a vulnerability that could allow an adversary to inject SQL. IceHRM is a human resource management tool, allowing users to create and track timesheets for employees, upload documents and manage payroll.

You can read the full article here.