Joomla! 3.8.8 Security Release announced

joomla support cheshire manchester merseyside north west uk

UPDATE ASAP

Joomla! 3.8.8 is a Security Release which addresses NINE security vulnerabilities.

Joomla 3.8.8 includes over 50 bug fixes and improvements.

More details at the following link.

Read more: Joomla! 3.8.8 Release News.

Addressed Vulnerabilities

Moderate Priority

  • Core - Information Disclosure about unpublished tags (affecting Joomla 3.1.0 through 3.8.7).
  • Core - XSS Vulnerabilities & additional hardening (affecting Joomla 3.0.0 through 3.8.7).

Low Priority

  • Core - ACL violation in access levels (affecting Joomla 2.5.0 through 3.8.7).
  • Core - Add phar files to the upload blacklist (affecting Joomla 2.5.0 through 3.8.7).
  • Core - Installer leaks plain text password to local user (affecting Joomla 3.0.0 through 3.8.7).
  • Core - Filter field in com_fields allows remote code execution (affecting Joomla 3.7.0 through 3.8.7).
  • Core - Session deletion race condition (affecting Joomla 3.0.0 through 3.8.7).
  • Core - Possible XSS attack in the redirect method (affecting Joomla 3.2.1 through 3.8.7).
  • Core - XSS vulnerability in the media manager (affecting Joomla 1.5.0 through 3.8.7).

Security Hardening

The Joomla! Project recommend that you check and change the following Global Configuration settings:

Text Filters > Administrator,
Users > Send email,
Media > Legal Extensions & Legal MIME Types,
Articles > Show Email.

See link below for what changes to make.

The recommended changes will be the default settings in any NEW 'out of the box' Joomla! CMS installation from Joomla! 3.8.8 onwards.

Read more: Recommended changes to Global Configuration settings.

Quick Guide

Visit the link below if you would like to change your website's Global Configuration settings in double quick time.

Joomla! Tip: Security harden your website.

Back up before updating is highly recommended

Protect your assets.

Perform a FULL backup of your website (database and files) BEFORE updating the Joomla! CMS and/or its extensions.

Read more: How to back up your website.

Read more: How to update your Joomla! CMS & its extensions.

WYNCHCO Joomla! CMS Support

We coach, help and support managers with responsibility for Joomla! websites in organisations across Cheshire, Manchester, Merseyside, North West England & the UK.

Read more: WYNCHCO Joomla! CMS Support Packages.