The Joomla! team has officially released Joomla 3.9.2. This security release addresses 4 security vulnerabilities and contains over 50 bug fixes and improvements.
Security Issues
Low Priority - core fixes:
- Stored XSS in mod_banners (affecting Joomla 2.5.0 through 3.9.1)
- Stored XSS in com_contact (affecting Joomla 2.5.0 through 3.9.1)
- Stored XSS issue in the Global Configuration textfilter settings (affecting Joomla 2.5.0 through 3.9.1)
- Stored XSS issue in the Global Configuration help URL (affecting Joomla 2.5.0 through 3.9.1)
Bug fixes and Improvements
- Fixes for states in com_finder, com_banners, com_messages, com_users notes
- Removal of the Caching field in the languages, syndicate, random image, and login modules
- Editors API extended
- Menu Item Alias type: Redirection is optional
- com_media: Normalisation of uploaded file names
- Code cleanup and namespacing
For more information about the changes made in the security release, please visit the official Joomla! GitHub
