A privilege escalation vulnerability has been found in the User module of the Drupal content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/SA-CORE-2016-002