Joomla 3.9.24 is Out
Joomla 3.9.24 is available and it’s a security release. Since a few security issues and bugs have been resolved, we’re considering this a security fix and we recommend all Joomla website owners have this upgrade done.
What's in 3.9.24?
Joomla 3.9.24 is a security release for the 3.x series of Joomla which addresses 3 security vulnerabilities and contains more than 35 bug fixes and improvements.
Joomla! 3.9.24 Release (joomla.org)
Security Issues Fixed
- Low Severity - Low Impact - com_modules exposes module names (affecting Joomla! 3.0.0 through 3.9.23)
- Low Priority - Moderate Impact - Disclosure of secrets in Global Configuration page (affecting Joomla! 2.5.0 through 3.9.22)
- Low Severity - Moderate Impact - XSS in mod_breadcrumbs aria-label attribute (affecting Joomla! 3.9.0 through 3.9.23)
- Low Severity - Moderate Impact - XSS in com_tags image parameters (affecting Joomla! 3.1.0 through 3.9.23)
Bug fixes and Improvements
- Continuing to improve PHP 8 support
- Solved performance issue with zip archives containing zip files
- Removes deprecate feature-policy and adds the new Permissions Policy
- Update joomla/image dependency
- Fixed regression SMTP Settings Test
- Fixed regression to save empty passwords in global configuration
The previous release was on November 25, 2020.
Our Website Maintenance Department will be in contact with our clients regarding this upgrade. If you need this upgrade done on your website, please contact us.