Joomla! 3.9.17 Security Release announced
Joomla! 3.9.17 is a Security Release which addresses THREE security vulnerabilities.
This release also includes several improvements.
See the Release Notes at the link below.
Core - Incorrect access control in com_users access level editing function (affecting Joomla 3.8.8 through 3.9.16).
Core - Missing checks for the root usergroup in usergroup table (affecting Joomla 2.5.0 through 3.9.16).
Core - Incorrect access control in com_users access level deletion function (affecting Joomla 2.5.0 through 3.9.16).
Back up before updating is highly recommended
Protect your assets.
Perform a FULL backup of your website (database and files) BEFORE updating the Joomla! CMS and/or its extensions.