ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php.
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-9270.json"