Project: Joomla!
SubProject: CMS
Severity: High
Versions: 3.4.4 through 3.6.3
Exploit type: Account Modifications
Reported Date: 2016-October-26
Fixed Date: 2016-October-25
CVE Number: CVE-2016-9081
Description
Incorrect use of unfiltered data allows for existing user accounts to be modified; to include resetting their username, password, and user group assignments.
Affected Installs
Joomla! CMS versions 3.4.4 through 3.6.3
Solution
Upgrade to version 3.6.4
Contact
The JSST at the Joomla! Security Centre.
Reported By: Joomla! Security Strike Team [20161003] - Core - Account Modifications
- Details
- Joomla RSS Sicherheit
- Kategorie: Joomla News
Project: Joomla!
SubProject: CMS
Severity: High
Versions: 3.4.4 through 3.6.3
Exploit type: Account Modifications
Reported Date: 2016-October-26
Fixed Date: 2016-October-25
CVE Number: CVE-2016-9081
Description
Incorrect use of unfiltered data allows for existing user accounts to be modified; to include resetting their username, password, and user group assignments.
Affected Installs
Joomla! CMS versions 3.4.4 through 3.6.3
Solution
Upgrade to version 3.6.4
Contact
The JSST at the Joomla! Security Centre.
Reported By: Joomla! Security Strike Team - Zugriffe: 1503