CVE-2026-34384

Severity: High (CVSS 3.1 base score 7.3) · EPSS 6.6%
Published Mar 31, 2026 · Modified Jun 17, 2026

Description

Admidio is an open-source user management solution. Prior to version 5.0.8, the create_user, assign_member, and assign_user action modes in modules/registration.php approve pending user registrations via a GET request without validating a CSRF token. Unlike the delete_user mode in the same file (which correctly validates the token), these three approval actions read their parameters from $_GET and perform irreversible state changes without any protection. An attacker who has submitted a pending registration can extract their own user UUID from the registration confirmation email URL, then trick any user with the rol_approve_users right into visiting a crafted URL that automatically approves the registration. This bypasses the manual registration approval workflow entirely. This issue has been patched in version 5.0.8.
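The flaw described above is the absence of a CSRF check on a state-changing GET handler. The following is an added, self-contained PHP sketch (not Admidio's code; the function names, the session keys and the rights check are hypothetical) that shows that unprotected shape next to a hardened one which requires POST and a session-bound token, the same kind of check the advisory says the delete_user mode already performs.

```php
<?php
// Hypothetical sketch, not Admidio's code: a registration-approval action
// in the unprotected shape the advisory describes, then a hardened shape.
session_start();

// Stand-ins for the rights check and the database write (hypothetical).
function current_user_can_approve(): bool
{
    return !empty($_SESSION['rol_approve_users']);
}
function approve_registration(string $userUuid): void
{
    // UPDATE ... SET approved = 1 WHERE usr_uuid = ? would go here.
}

// Per-session CSRF token; templates embed it as a hidden POST field.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// VULNERABLE shape: only a rights check. The browser attaches the approver's
// session cookie to any request for this URL, so a request triggered from an
// unrelated page is indistinguishable from one the approver intended.
function handle_approval_vulnerable(): void
{
    if (!current_user_can_approve()) { http_response_code(403); return; }
    $uuid = $_GET['user_uuid'] ?? '';
    approve_registration($uuid);
}

// HARDENED shape: state changes only via POST, and only when the submitted
// token matches the session's token (constant-time comparison).
function handle_approval_hardened(): void
{
    if (!current_user_can_approve()) { http_response_code(403); return; }
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') { http_response_code(405); return; }
    $sent = (string)($_POST['csrf_token'] ?? '');
    if ($sent === '' || !hash_equals(csrf_token(), $sent)) {
        http_response_code(403);
        return;
    }
    $uuid = (string)($_POST['user_uuid'] ?? '');
    if (!preg_match('/^[0-9a-f-]{36}$/i', $uuid)) { http_response_code(400); return; }
    approve_registration($uuid);
}
```

For detection in the field, approval requests arriving as GET with no Referer from the application's own origin, or POSTs rejected with 403 by the token check, are the events worth alerting on.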

CVSS Details

Base Score
7.3
Exploitability
2.1
Impact
5.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity High
Availability None

Threat Intelligence

EPSS Exploit Probability: 6.6%
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses (1)

CWE-352 Cross-Site Request Forgery (CSRF) (category: Authentication)

Affected Products (1)

Vendor   | Product | Version | Range
admidio  | admidio | *       | <5.0.8

References (2)

  • github.com https://github.com/Admidio/admidio/commit/707171c188b3e8f36007fc3f2bccbfac896ed019
    Patch
  • github.com https://github.com/Admidio/admidio/security/advisories/GHSA-ph84-r98x-2j22
    Exploit, Mitigation, Vendor Advisory

Remediation

  • github.com https://github.com/Admidio/admidio/commit/707171c188b3e8f36007fc3f2bccbfac896ed019
    Patch