Description
Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Google Maps CP Cross-Site Scripting (1.0.3)
ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-0204)
Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2021-43940)
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8451)
WordPress Plugin Support Ticket System Multiple SQL Injection Vulnerabilities (1.2)