Joomla! 3.9.7 Security Release announced
UPDATE ASAP
Joomla! 3.9.7 is a Security Release which addresses THREE security vulnerabilities.
This release also includes several improvements.
More details at the following link.
Read more: Joomla! 3.9.7 Release News.
Addressed Vulnerabilities
Low Priority
Core - CSV injection in com_actionlogs (affecting Joomla 3.9.0 through 3.9.6)
Core - XSS in subform field (affecting Joomla 3.6.0 through 3.9.6)
Core - ACL hardening of com_joomlaupdate (affecting Joomla 3.8.13 through 3.9.6)
Back up before updating is highly recommended
Protect your assets.
Perform a FULL backup of your website (database and files) BEFORE updating the Joomla! CMS and/or its extensions.
Read more: How to back up your website.
Read more: How to update your Joomla! CMS & its extensions.