CVE-2018-25370
CVE-2018-25370 affects Admidio 3.3.5. A cross-site request forgery vulnerability allows low-privilege users to increase permissions by exploiting improper origin checking in roles_function.php. Attacks can craft malicious HTML forms targeting parameters such as rol_assign_roles, rol_approve_users...