
CVE Reports

Originally published at cvereports.com

GHSA-wwg8-6ffr-h4q2: Cross-Site Request Forgery in Admidio Role Management

Vulnerability ID: GHSA-WWG8-6FFR-H4Q2
CVSS Score: 5.7
Published: 2026-03-16

Admidio versions 5.0.0 through 5.0.6 contain a Cross-Site Request Forgery (CSRF) vulnerability in the organizational role management module. The application fails to validate anti-CSRF tokens for state-changing operations including role deletion, activation, and deactivation. An attacker can leverage this flaw to perform unauthorized actions by tricking a privileged user into executing a malicious request.

TL;DR

A missing CSRF validation check in Admidio's role management module allows attackers to permanently delete or modify organizational roles by tricking authenticated administrators into clicking a malicious link.

⚠️ Exploit Status: POC

Technical Details

  • Vulnerability Type: Cross-Site Request Forgery (CSRF)
  • CWE ID: CWE-352
  • CVSS v3.1 Base Score: 5.7 (Medium)
  • Attack Vector: Network
  • User Interaction: Required
  • Privileges Required: Low
  • Exploit Status: Proof of Concept Available

Affected Systems

  • Admidio Core Application
  • admidio/admidio: >= 5.0.0, < 5.0.7 (Fixed in: 5.0.7)

Mitigation Strategies

  • Upgrade Admidio to version 5.0.7 or later
  • Manually patch modules/groups-roles/groups_roles.php to include SecurityUtils::validateCsrfToken()
  • Implement network-level logging to detect unusual Referer headers targeting role management endpoints
  • Educate administrative staff on the risks of clicking external links while authenticated to the application
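The missing check described above, as an added illustration that is not Admidio's code: a role-deletion handler that acts on a bare request parameter beside one that requires POST and a session-bound synchronizer token. The function names and the request/session arrays are hypothetical stand-ins; in Admidio the page names the real helper as SecurityUtils::validateCsrfToken().

```php
<?php
// Added example, not Admidio's code. Shows the synchronizer-token check that
// the advisory reports as missing, as a vulnerable handler beside a hardened one.
// Function names, request shape and session shape are hypothetical.
declare(strict_types=1);

// Issue one random token per session; the form embeds it as a hidden field.
function csrfToken(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Constant-time comparison; a missing or empty token never validates.
function csrfTokenValid(array $session, ?string $submitted): bool
{
    $expected = $session['csrf_token'] ?? '';
    if ($expected === '' || $submitted === null || $submitted === '') {
        return false;
    }
    return hash_equals($expected, $submitted);
}

// Vulnerable pattern (CWE-352): a request parameter alone triggers the state
// change, so any page a logged-in admin visits can cause this request.
function deleteRoleVulnerable(array $request, array &$roles): string
{
    $id = (int)($request['get']['role_id'] ?? 0);
    unset($roles[$id]);
    return "role $id deleted";
}

// Hardened pattern: state changes require POST and a valid session-bound token.
function deleteRoleHardened(array $request, array $session, array &$roles): string
{
    if (($request['method'] ?? 'GET') !== 'POST') {
        return '405 state-changing actions must use POST';
    }
    if (!csrfTokenValid($session, $request['post']['csrf_token'] ?? null)) {
        return '403 invalid or missing CSRF token';
    }
    $id = (int)($request['post']['role_id'] ?? 0);
    unset($roles[$id]);
    return "role $id deleted";
}

// Demo with a constructed session and role table: a tokenless cross-site
// request succeeds against the vulnerable handler and is refused by the hardened one.
$session = [];
$roles = [1 => 'Administrator', 2 => 'Member'];
$crossSite = ['method' => 'GET', 'get' => ['role_id' => 2]];
echo deleteRoleVulnerable($crossSite, $roles), "\n";
$roles = [1 => 'Administrator', 2 => 'Member'];
echo deleteRoleHardened($crossSite, $session, $roles), "\n";
$sameSite = ['method' => 'POST', 'post' => ['role_id' => 2, 'csrf_token' => csrfToken($session)]];
echo deleteRoleHardened($sameSite, $session, $roles), "\n";
```

The demo prints the vulnerable handler's success, the hardened handler's 405 for the same request, and a deletion only once the form-supplied token matches the session's.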

Remediation Steps:

  1. Back up the Admidio database and application files.
  2. Download Admidio version 5.0.7 from the official repository.
  3. Deploy the updated application files to the web server.
  4. Verify that the role management features function correctly.
  5. Review access logs for potential historical exploitation of the vulnerability.
