Joomla 3.9.20 is Out
Joomla 3.9.20 is available and it’s a security release. Since a few security issues and bugs have been resolved, we’re considering this a security fix and we recommend all Joomla website owners have this upgrade done.
What's in 3.9.20?
Joomla 3.9.20 is a security release for the 3.x series of Joomla which addresses 6 security vulnerabilities and contains over 25 bug fixes and improvements.
Joomla! 3.9.20 Release (joomla.org)
Security Issues Fixed
- Low Priority - Core - CSRF in com_installer ajax_install endpoint (affecting Joomla! 3.7.0 through 3.9.19)
- Moderate Priority - Core - Missing checks can lead to a broken usergroups table record (affecting Joomla! 2.5.0 through 3.9.19)
- Low Priority - Core - CSRF in com_privacy remove-request feature (affecting Joomla! 3.9.0 through 3.9.19)
- Low Priority - Core - Variable tampering via user table class (affecting Joomla! 3.0.0 through 3.9.19)
- Low Priority - Core - Escape mod_random_image link (affecting Joomla! 3.0.0 through 3.9.19)
- Low Priority - Core - System Information screen could expose redis or proxy credentials (affecting Joomla! 3.0.0 through 3.9.19)
Bug fixes and Improvements
- Upload & Update tab of Joomla Update Component: Fix to allow upload of ZIP filetype only
- Local database server: Allow optional port numbers
- Beez3 Template: Markup fix for the Tabs layout of com_contact
- Beez3 Template: Allow custom field editing on frontend
- Backend cache cleared when purging updates
The previous release was on June 03, 2020.
Our Website Maintenance Department will be in contact with our clients regarding this upgrade. If you need this upgrade done on your website, please contact us.