The Joomla team released a serious security vulnerability affecting all Joomla versions from 3.4.4 and up. If you’re using one of these versions of Joomla, you’re encouraged to update immediately.

The vulnerability has a high severity as it allows anyone to create a user remotely and specify the desired group permission to it, including administrator. Two CVE’s were assigned to these vulnerabilities: CVE-2016-8870 and CVE-2016-8869.

Continue reading Joomla Account Creation Vulnerability at Sucuri Blog.

Via Sucuri.net