Description
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site.
Remediation
References
Related Vulnerabilities
WordPress Plugin Bird Feeder Multiple Vulnerabilities (1.2.3)
WordPress Plugin Theme My Login 'instance' Parameter Cross-Site Scripting (6.1.4)
Drupal Core 5.x HTTP Response Splitting (5.0 - 5.2)
Apache Traffic Server CVE-2023-33933 Vulnerability (CVE-2023-33933)
Serendipity Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3800)