| ID |
CVE-2026-34384
|
| Sažetak |
Admidio is an open-source user management solution. Prior to version 5.0.8, the create_user, assign_member, and assign_user action modes in modules/registration.php approve pending user registrations via GET request without validating a CSRF token. Unlike the delete_user mode in the same file (which correctly validates the token), these three approval actions read their parameters from $_GET and perform irreversible state changes without any protection. An attacker who has submitted a pending registration can extract their own user UUID from the registration confirmation email URL, then trick any user with the rol_approve_users right into visiting a crafted URL that automatically approves the registration. This bypasses the manual registration approval workflow entirely. This issue has been patched in version 5.0.8. |
| Reference |
|
| CVSS |
| Base: | 4.5 |
| Impact: | 3.6 |
| Exploitability: | 0.9 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| NETWORK |
LOW |
HIGH |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| NONE |
HIGH |
NONE |
|
| CVSS vektor |
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N |
| Zadnje važnije ažuriranje |
31-03-2026 - 21:16 |
| Objavljeno |
31-03-2026 - 21:16 |
