CVE-2024-47836 (GCVE-0-2024-47836)
Vulnerability from cvelistv5 – Published: 2024-10-16 19:43 – Updated: 2024-10-16 20:07
VLAI
Title
Admidio vulnerable to HTML Injection In The Messages Section
Summary
Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/Admidio/admidio/security/advis… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "admidio",
"vendor": "admidio",
"versions": [
{
"lessThan": "4.3.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47836",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-16T20:04:47.636984Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T20:07:29.259Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "admidio",
"vendor": "Admidio",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T19:43:07.894Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Admidio/admidio/security/advisories/GHSA-7c4c-749j-pfp2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Admidio/admidio/security/advisories/GHSA-7c4c-749j-pfp2"
}
],
"source": {
"advisory": "GHSA-7c4c-749j-pfp2",
"discovery": "UNKNOWN"
},
"title": "Admidio vulnerable to HTML Injection In The Messages Section"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-47836",
"datePublished": "2024-10-16T19:43:07.894Z",
"dateReserved": "2024-10-03T14:06:12.644Z",
"dateUpdated": "2024-10-16T20:07:29.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-47836",
"date": "2026-06-19",
"epss": "0.00469",
"percentile": "0.36873"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue.\"}, {\"lang\": \"es\", \"value\": \"Admidio es una soluci\\u00f3n de gesti\\u00f3n de usuarios de c\\u00f3digo abierto. Antes de la versi\\u00f3n 4.3.12, una vulnerabilidad de deserializaci\\u00f3n insegura permit\\u00eda a cualquier usuario no autenticado ejecutar c\\u00f3digo arbitrario en el servidor. La versi\\u00f3n 4.3.12 soluciona este problema.\"}]",
"id": "CVE-2024-47836",
"lastModified": "2024-10-18T12:53:04.627",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N\", \"baseScore\": 3.5, \"baseSeverity\": \"LOW\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 1.4}]}",
"published": "2024-10-16T20:15:06.350",
"references": "[{\"url\": \"https://github.com/Admidio/admidio/security/advisories/GHSA-7c4c-749j-pfp2\", \"source\": \"security-advisories@github.com\"}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-47836\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-10-16T20:15:06.350\",\"lastModified\":\"2025-03-05T15:26:37.907\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue.\"},{\"lang\":\"es\",\"value\":\"Admidio es una soluci\u00f3n de gesti\u00f3n de usuarios de c\u00f3digo abierto. Antes de la versi\u00f3n 4.3.12, una vulnerabilidad de deserializaci\u00f3n insegura permit\u00eda a cualquier usuario no autenticado ejecutar c\u00f3digo arbitrario en el servidor. La versi\u00f3n 4.3.12 soluciona este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N\",\"baseScore\":3.5,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.3.12\",\"matchCriteriaId\":\"E1C43E68-074E-42B1-B940-6D1304AB175C\"}]}]}],\"references\":[{\"url\":\"https://github.com/Admidio/admidio/security/advisories/GHSA-7c4c-749j-pfp2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47836\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-16T20:04:47.636984Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:*\"], \"vendor\": \"admidio\", \"product\": \"admidio\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"4.3.12\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-16T20:06:12.432Z\"}}], \"cna\": {\"title\": \"Admidio vulnerable to HTML Injection In The Messages Section\", \"source\": {\"advisory\": \"GHSA-7c4c-749j-pfp2\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Admidio\", \"product\": \"admidio\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 4.3.12\"}]}], \"references\": [{\"url\": \"https://github.com/Admidio/admidio/security/advisories/GHSA-7c4c-749j-pfp2\", \"name\": \"https://github.com/Admidio/admidio/security/advisories/GHSA-7c4c-749j-pfp2\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-502\", \"description\": \"CWE-502: Deserialization of Untrusted Data\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-10-16T19:43:07.894Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-47836\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-16T20:07:29.259Z\", \"dateReserved\": \"2024-10-03T14:06:12.644Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-10-16T19:43:07.894Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
FKIE_CVE-2024-47836
Vulnerability from fkie_nvd - Published: 2024-10-16 20:15 - Updated: 2026-06-17 07:57
Severity
3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue.
References
{
"affected": [
{
"affectedData": [
{
"product": "admidio",
"vendor": "Admidio",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3.12"
}
]
}
],
"source": "security-advisories@github.com"
},
{
"affectedData": [
{
"cpes": [
"cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "admidio",
"vendor": "admidio",
"versions": [
{
"lessThan": "4.3.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C43E68-074E-42B1-B940-6D1304AB175C",
"versionEndExcluding": "4.3.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue."
},
{
"lang": "es",
"value": "Admidio es una soluci\u00f3n de gesti\u00f3n de usuarios de c\u00f3digo abierto. Antes de la versi\u00f3n 4.3.12, una vulnerabilidad de deserializaci\u00f3n insegura permit\u00eda a cualquier usuario no autenticado ejecutar c\u00f3digo arbitrario en el servidor. La versi\u00f3n 4.3.12 soluciona este problema."
}
],
"id": "CVE-2024-47836",
"lastModified": "2026-06-17T07:57:50.630",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2024-47836",
"options": [
{
"exploitation": "poc"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-16T20:04:47.636984Z",
"version": "2.0.3"
}
}
]
},
"published": "2024-10-16T20:15:06.350",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/Admidio/admidio/security/advisories/GHSA-7c4c-749j-pfp2"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
GHSA-7C4C-749J-PFP2
Vulnerability from github – Published: 2024-10-16 19:50 – Updated: 2024-10-16 22:07
VLAI
Summary
Admidio Vulnerable to HTML Injection In The Messages Section
Details
Summary
An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server.
PoC
- Go to https://www.admidio.org/demo_en/adm_program/modules/messages/messages.php
- Click on Send Private Message
- In the
Messagefield, enter the following payloadTesting<br><h1>HTML</h1><br><h2>Injection</h2>
- Send the message
- Open the message again
Impact
- Data Theft: Stealing sensitive information like cookies, session tokens, and user credentials.
- Session Hijacking: Gaining unauthorized access to user accounts.
- Phishing: Tricking users into revealing sensitive information.
- Website Defacement: Altering the appearance or content of the website.
- Malware Distribution: Spreading malware to users' devices.
- Denial of Service (DoS): Overloading the server with malicious requests.
Severity
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "admidio/admidio"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.3.12"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-47836"
],
"database_specific": {
"cwe_ids": [
"CWE-502",
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2024-10-16T19:50:40Z",
"nvd_published_at": "2024-10-16T20:15:06Z",
"severity": "LOW"
},
"details": "### Summary\nAn unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server.\n\n### PoC\n1. Go to\nhttps://www.admidio.org/demo_en/adm_program/modules/messages/messages.php\n2. Click on Send Private Message\n3. In the `Message` field, enter the following payload\n`Testing\u003cbr\u003e\u003ch1\u003eHTML\u003c/h1\u003e\u003cbr\u003e\u003ch2\u003eInjection\u003c/h2\u003e`\n\n\u003e \n\n\n4. Send the message\n5. Open the message again\n\n\u003e \n\n\n\n### Impact\n1. Data Theft: Stealing sensitive information like cookies, session tokens, and user credentials.\n2. Session Hijacking: Gaining unauthorized access to user accounts.\n3. Phishing: Tricking users into revealing sensitive information.\n4. Website Defacement: Altering the appearance or content of the website.\n5. Malware Distribution: Spreading malware to users\u0027 devices.\n6. Denial of Service (DoS): Overloading the server with malicious requests.",
"id": "GHSA-7c4c-749j-pfp2",
"modified": "2024-10-16T22:07:51Z",
"published": "2024-10-16T19:50:40Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/Admidio/admidio/security/advisories/GHSA-7c4c-749j-pfp2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47836"
},
{
"type": "WEB",
"url": "https://github.com/Admidio/admidio/commit/176f60de6a38dde2b8e848b97647194c12cf5a6c"
},
{
"type": "PACKAGE",
"url": "https://github.com/Admidio/admidio"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Admidio Vulnerable to HTML Injection In The Messages Section"
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…