[MEDIUM] Admidio has CSRF and Form Validation Bypass in Inventory Item Save via `imported` Parameter

PKSA-ksvx-vqkf-t9m4 CVE-2026-34383 GHSA-4rwm-c5mj-wh7x

Affected package: admidio/admidio

Affected version: <=5.0.7

Reported by:
GitHub