Joomla! 3.9.7 Security Release announced
Joomla! 3.9.7 is a Security Release which addresses THREE security vulnerabilities.
This release also includes several improvements.
More details at the following link.
Core - CSV injection in com_actionlogs (affecting Joomla 3.9.0 through 3.9.6)
Core - XSS in subform field (affecting Joomla 3.6.0 through 3.9.6)
Core - ACL hardening of com_joomlaupdate (affecting Joomla 3.8.13 through 3.9.6)
Back up before updating is highly recommended
Protect your assets.
Perform a FULL backup of your website (database and files) BEFORE updating the Joomla! CMS and/or its extensions.