Joomla, a popular free and open-source content management system, has just released version 3.6.4, which fixes two critical vulnerabilities:
- [CVE-2016-8870] - Core - Account Creation: attackers can exploit this vulnerability to create any account on a Joomla system, regardless of whether registration has been disabled.
- [CVE-2016-8869] - Core - Elevated Privileges: combined with the vulnerability above, an attacker can not only register an account on a vulnerable system but also register it with the highest privilege, Administrator.
We took a deeper dive to see how these exploits tick and would like to congratulate Davide Tampellini on his first CVE discovery.
Fortinet Blog