XOOPS Profiles Module Activation Security Bypass Vulnerability

Summary
This host is running XOOPS and is prone to security bypass vulnerability.
Impact
Successful exploitation will allow remote attackers to activate their accounts without requiring approval from the administrator. Impact Level: Application.
Solution
Upgrade to the XOOPS version 2.4.1 http://www.xoops.org/modules/core/
Insight
The flaw exists due to the error in the 'activate.php' script which does not verify the activation type when resending the activation email.
Affected
XOOPS version prior to 2.4.1
References