Joomla Core Privilege Escalation - CVE-2016-9838

Joomla Core is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions subsequently they can modify existing user accounts (reset username password and user group assignments). Joomla Core versions ranging from 1.6.0 and up to and including 3.6.4 are vulnerable.