CVE-2026-34384

Published: Mar 31, 2026

Modified: Apr 1, 2026

PUBLISHED

CVSS v3.1

4.5

MEDIUM

Description

Admidio is an open-source user management solution. Prior to version 5.0.8, the create_user, assign_member, and assign_user action modes in modules/registration.php approve pending user registrations via GET request without validating a CSRF token. Unlike the delete_user mode in the same file (which correctly validates the token), these three approval actions read their parameters from $_GET and perform irreversible state changes without any protection. An attacker who has submitted a pending registration can extract their own user UUID from the registration confirmation email URL, then trick any user with the rol_approve_users right into visiting a crafted URL that automatically approves the registration. This bypasses the manual registration approval workflow entirely. This issue has been patched in version 5.0.8.

Vendor	Product	Versions
Admidio	admidio	affected `< 5.0.8`

Weaknesses (CWE)

CWE-352

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

References

https://github.com/Admidio/admidio/security/advisories/GHSA-ph84-r98x-2j22

x_refsource_CONFIRM

https://github.com/Admidio/admidio/commit/707171c188b3e8f36007fc3f2bccbfac896ed019

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-34384

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References