Joomla! 3.9.24 Security Release announced
Release date: 12 January 2021.
Joomla! 3.9.24 is a SECURITY FIX which addresses THREE vulnerabilities.
This release continues to improve support for PHP 8 (released in November 2020).
See the Release Notes at the link below.
Read more: Joomla! 3.9.24 Release News.
Addressed Vulnerabilities
Low Severity
Low Impact - com_modules exposes module names (affecting Joomla! 3.0.0 through 3.9.23).
Moderate Impact - XSS in mod_breadcrumbs aria-label attribute (affecting Joomla! 3.9.0 through 3.9.23).
Moderate Impact - XSS in com_tags image parameters (affecting Joomla! 3.1.0 through 3.9.23).
Back up before updating is highly recommended
Protect your assets.
Perform a FULL backup of your website (database and files) BEFORE updating the Joomla! CMS and/or its extensions.
Read more: How to back up your website.
Read more: How to update your Joomla! CMS & its extensions.