{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "3.6.3" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "2e0aaf4d8144ec083aead8703b6e1ab2b978ad75" }, { "fixed": "bae1d43938c878480cfd73671e4945211538fdcf" } ], "repo": "https://github.com/joomla/joomla-cms", "type": "GIT" } ] } ], "details": "The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site.", "id": "CVE-2016-8869", "modified": "2026-04-01T23:08:36.330565018Z", "published": "2016-11-04T21:59:07.553Z", "references": [ { "type": "WEB", "url": "https://medium.com/%40showthread/joomla-3-6-4-account-creation-elevated-privileges-write-up-and-exploit-965d8fb46fa2#.rq4qh1v4r" }, { "type": "ADVISORY", "url": "http://www.securityfocus.com/bid/93883" }, { "type": "ADVISORY", "url": "http://www.securitytracker.com/id/1037108" }, { "type": "ADVISORY", "url": "https://developer.joomla.org/security-centre/660-20161002-core-elevated-privileges.html" }, { "type": "ADVISORY", "url": "http://www.rapid7.com/db/modules/auxiliary/admin/http/joomla_registration_privesc" }, { "type": "FIX", "url": "https://github.com/joomla/joomla-cms/commit/bae1d43938c878480cfd73671e4945211538fdcf" }, { "type": "EVIDENCE", "url": "https://blog.sucuri.net/2016/10/details-on-the-privilege-escalation-vulnerability-in-joomla.html" }, { "type": "EVIDENCE", "url": "https://www.exploit-db.com/exploits/40637/" } ], "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }