Joomla! 3.9.23 Security Release announced

joomla support cheshire manchester merseyside north west ukRelease date: 24 November 2020.

Joomla! 3.9.23 is a SECURITY FIX which addresses SEVEN vulnerabilities.

This release implements changes to make the Joomla! CMS ready for PHP 8 (to be released on November 26th 2020).

See the Release Notes at the link below.

Read more: Joomla! 3.9.23 Release News.

 

Addressed Vulnerabilities

Low Priority

High Impact - Write ACL violation in multiple core views (affecting Joomla! 2.5.0 through 3.9.22).
Moderate Impact - Disclosure of secrets in Global Configuration page (affecting Joomla! 2.5.0 through 3.9.22).
Moderate Impact - Path traversal in mod_random_image (affecting Joomla! 2.5.0 through 3.9.22).
High Impact - SQL injection in com_users list view (affecting Joomla! 3.0.0 through 3.9.22).
Low Impact - User Enumeration in backend login (affecting Joomla! 3.9.0 through 3.9.22).
Low Impact - CSRF in com_privacy emailexport feature (affecting Joomla! 3.9.0 through 3.9.22).
High Impact - Write ACL violation in multiple core views (affecting Joomla! 1.7.0 through 3.9.22).

 

Back up before updating is highly recommended

Protect your assets.

Perform a FULL backup of your website (database and files) BEFORE updating the Joomla! CMS and/or its extensions.

Read more: How to back up your website.

Read more: How to update your Joomla! CMS & its extensions.

 

Make Joomla! CMS Security YOUR #1 Priority

joomla support cheshire manchester merseyside north west ukWe offer Joomla! coaching, help and support to businesses and organisations across Cheshire, Manchester, Merseyside, North West England & the UK.

Learn how to manage Joomla! website security.