CVE-2012-6562

Name of the Vulnerable Software and Affected Versions Elgg versions prior to 1.8.5

Description The issue is related to improper permission specification for the useradd action in the engine/lib/users.php file. This allows remote attackers to create arbitrary accounts.

Recommendations For versions prior to 1.8.5, update to version 1.8.5 or later to resolve the issue.