Joomla! 3.9.19 Security Release announced
Joomla! 3.9.19 is a SECURITY FIX which addresses FIVE vulnerabilities. ONE of these is MODERATE.
This release includes a Post Installation Message recommending that you change your website's Global Configuration TEXT FILTER settings.
See the Release Notes at the link below.
Read more: Joomla! 3.9.19 Release News.
Read more: Joomla! 3.9.19 Post Installation Message.
Addressed Vulnerabilities
Moderate Priority
Core - XSS in jQuery.html Pre filter (affecting Joomla! 3.0.0 through 3.9.18).
Low Priority
Core - XSS in modules heading tag option (affecting Joomla! 3.0.0 through 3.9.18).
Core - Inconsistent default text filter settings (affecting Joomla! 2.5.0 through 3.9.18).
Core - XSS in com_modules tag options (affecting Joomla! 3.0.0 through 3.9.18).
Core - CSRF in com_post install (affecting Joomla! 3.7.0 through 3.9.18).
Back up before updating is highly recommended
Protect your assets.
Perform a FULL backup of your website (database and files) BEFORE updating the Joomla! CMS and/or its extensions.
Read more: How to back up your website.
Read more: How to update your Joomla! CMS & its extensions.