- Posts: 4683
- Thank you received: 349
Joomla (< 3.6.4) Account Creation/Elevated Privileges
- Jose
-
Topic Author
- Offline
- Administrator
-
Less
More
6 years 7 months ago - 6 years 7 months ago #3619
by Jose
Joomla (< 3.6.4) Account Creation/Elevated Privileges was created by Jose
Last Tuesday Joomla published version 3.6.4, an update to patch security issues:
High Priority — Core — Account Creation (affecting Joomla! 3.4.4 through 3.6.3)
High Priority — Core — Elevated Privileges (affecting Joomla! 3.4.4 through 3.6.3)
Securitycheck Pro protects against this threat. A couple of versions ago I added a feature to forbid new administrative accounts (Web firewall configuration --> User session protection --> Forbid new admin accounts):
Just enable it and no new administrative accounts will be allowed.
Regards,
Jose
High Priority — Core — Account Creation (affecting Joomla! 3.4.4 through 3.6.3)
High Priority — Core — Elevated Privileges (affecting Joomla! 3.4.4 through 3.6.3)
Securitycheck Pro protects against this threat. A couple of versions ago I added a feature to forbid new administrative accounts (Web firewall configuration --> User session protection --> Forbid new admin accounts):
Just enable it and no new administrative accounts will be allowed.
Regards,
Jose
Last edit: 6 years 7 months ago by Jose.
Please Log in or Create an account to join the conversation.
Time to create page: 0.141 seconds
In order to provide you with the best online experience this website uses cookies. Delete cookies
In order to provide you with the best online experience this website uses cookies.
By using our website, you agree to our use of cookies.
I agree
Copyright © 2023 Securitycheck Extensions. All Rights Reserved.
This site is not affiliated with or endorsed by the Joomla! Project. It is not supported or warranted by the Joomla! Project or Open Source Matters. The Joomla! logo is used under a limited license granted by Open Source Matters, the trademark holder in the United States and other countries.
We may collect your IP address and your browser's User Agent string while using our site for security reasons. This information is retained only until we check you're not trying to hack our website.