Joomla 3.9.3 is now available. This is a security fix release for the 3.x series of Joomla which addresses 6 security vulnerabilities and contains 30 bug fixes and improvements.
What's in 3.9.3?
Joomla 3.9.3 includes 6 security vulnerabilities fixes and several bug and improvements, including:
Security Issues Fixed
- Low Priority – Core – Lack of URL filtering in various core components (affecting Joomla 2.5.0 through 3.9.2) More information »
- Low Priority – Core – Browserside mime-type sniffing causes XSS attack vectors (affecting Joomla 1.0.0 through 3.9.2) More information »
- Low Priority – Core – Additional warning in the Global Configuration textfilter settings (affecting Joomla 2.5.0 through 3.9.2) More information »
- Low Priority – Core – Stored XSS issue in the Global Configuration help url #2 (affecting Joomla 2.5.0 through 3.9.2) More information »
- Low Priority – Core – XSS Issue in core.js writeDynaList (affecting Joomla 2.5.0 through 3.9.2) More information »
- Low Priority – Core – Implement the TYPO3 PHAR stream wrapper (affecting Joomla 2.5.0 through 3.9.2) More information »
Bug fixes and Improvements
- Prevent renaming/deleting the template index.php file #23654
- Smart Search improvement #23736
- Contacts banned fields removed #23585
- Improvement of the Integration tab display #23711
- Fix the category filter for featured articles #23454
- Fix for the Template Style field in the menu manager #23556
- Breadcrumbs for tags #23599
Visit GitHub for the full list of bug fixes.
