CVE-2020-3124
Cisco HCM-F CSRF vulnerability (CVE-2020-3124) stems from insufficient CSRF protections in the web-based interface. An unauthenticated, remote attacker can persuade a user to click a malicious link, enabling arbitrary requests that could change a target user’s password and allow unauthorized acti...