Intrusion Prevention



This indicates an attack attempt to exploit a Privilege Escalation vulnerability in Joomla User component.
The vulnerability is due to the application's failure to properly sanitize user input before using it in an account creation. As a result, a remote attacker can send a crafted query to create a user with elevated permission.

Affected Products

Joomla! CMS versions 3.4.4 through 3.6.3


Privilege Escalation: Remote attackers can create any account with elevated permission on affected machines

Recommended Actions

Upgrade to version 3.6.4 or higher available from the website

CVE References

CVE-2016-8870 CVE-2016-8869