Joomla! 3.9.5 Security Release announced
UPDATE ASAP
Joomla! 3.9.5 is a Security Release which addresses THREE security vulnerabilities.
This release also includes several improvements.
More details at the following link.
Read more: Joomla! 3.9.5 Release News.
Addressed Vulnerabilities
Low Priority
Core - Directory Traversal in com_media (affecting Joomla 1.5.0 through 3.9.4)
Core - Helpsites refresh endpoint callable for unauthenticated users (affecting Joomla 3.2.0 through 3.9.4)
Core - Object.prototype pollution in JQuery $.extend (affecting Joomla 3.0.0 through 3.9.4)
Back up before updating is highly recommended
Protect your assets.
Perform a FULL backup of your website (database and files) BEFORE updating the Joomla! CMS and/or its extensions.
Read more: How to back up your website.
Read more: How to update your Joomla! CMS & its extensions.