Joomla 3.9.5 has been upgraded to all our clients websites. This is a security fix release for the 3.x series of Joomla which addresses 4 security vulnerabilities and contains 28 bug fixes and improvements.
What's in 3.9.5?
Joomla 3.9.5 includes three security vulnerabilities fixes and several bugs and improvements, including:
Security Issues Fixed
- Low Priority - Core - Directory Traversal in com_media (affecting Joomla 1.5.0 through 3.9.4) More information »
- Low Priority - Core - Helpsites refresh endpoint callable for unauthenticated users (affecting Joomla 3.2.0 through 3.9.4) More information »
- Low Priority - Core - Object.prototype pollution in JQuery $.extend (affecting Joomla 3.0.0 through 3.9.4) More information »
Bug fixes and Improvements
- User Password: Add minimum lowercase rule for password validation #24230
- Associations tab: Fix wrong behaviour of Indonesian language #24244
- Debug language: Fix User Actions Log Manager #24178
- New installation language: Kazakh #24233
- Google Authenticator plugin (2FA): QR-code generator implemented #2425