CSRF Vulnerability in Admidio 3.2.8 Allows Deletion of Arbitrary User Accounts

CSRF Vulnerability in Admidio 3.2.8 Allows Deletion of Arbitrary User Accounts

CVE-2017-8382 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:N/A:P

admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts.

Learn more about our User Device Pen Test.