CVE-2012-6562

2013-05-23T11:55:02
ID CVE-2012-6562
Type cve
Reporter NVD
Modified 2017-08-28T21:32:58

Description

engine/lib/users.php in Elgg before 1.8.5 does not properly specify permissions for the useradd action, which allows remote attackers to create arbitrary accounts.