Joomla! 3.9.5 Security Release announced
Joomla! 3.9.5 is a Security Release which addresses THREE security vulnerabilities.
This release also includes several improvements.
More details at the following link.
Core - Directory Traversal in com_media (affecting Joomla 1.5.0 through 3.9.4)
Core - Helpsites refresh endpoint callable for unauthenticated users (affecting Joomla 3.2.0 through 3.9.4)
Core - Object.prototype pollution in JQuery $.extend (affecting Joomla 3.0.0 through 3.9.4)
Back up before updating is highly recommended
Protect your assets.
Perform a FULL backup of your website (database and files) BEFORE updating the Joomla! CMS and/or its extensions.
Make Joomla! CMS Security YOUR #1 Priority