Joomla! 3.9.24 Security Release announced
Joomla! 3.9.24 is a SECURITY FIX which addresses THREE vulnerabilities.
This release continues to improve support for PHP 8 (released in November 2020).
See the Release Notes at the link below.
Low Impact - com_modules exposes module names (affecting Joomla! 3.0.0 through 3.9.23).
Moderate Impact - XSS in mod_breadcrumbs aria-label attribute (affecting Joomla! 3.9.0 through 3.9.23).
Moderate Impact - XSS in com_tags image parameters (affecting Joomla! 3.1.0 through 3.9.23).
Back up before updating is highly recommended
Protect your assets.
Perform a FULL backup of your website (database and files) BEFORE updating the Joomla! CMS and/or its extensions.