Skip to main content
heart-smallDiagnosis, prevention and treatment of Joomla websites!
1 minute reading time (205 words)

Joomla 3.9.25 Security Release

Joomla-3-9-25-Security-Release

Joomla 3.9.25 is now available. This is a security release for the 3.x series of Joomla which addresses 9 security vulnerabilities and contains more than 40 bug fixes and improvements. 

 Joomla 3.9.25 includes 9 security vulnerability fixes and addresses several bugs, including:


Security Issues Fixed
Insecure randomness within 2FA secret generation (affecting Joomla! 3.2.0 through 3.9.24)
Potential Insecure FOFEncryptRandval (affecting Joomla! 3.2.0 through 3.9.24)
XSS within alert messages showed to users (affecting Joomla! 2.5.0 through 3.9.24)
XSS within the feed parser library (affecting Joomla! 2.5.0 through 3.9.24)
Input validation within the template manager (affecting Joomla! 3.2.0 through 3.9.24)
com_media allowed paths that are not intended for image uploads (affecting Joomla! 3.0.0 through 3.9.24)
ACL violation within com_content frontend editing (affecting Joomla! 3.0.0 through 3.9.24)
Path Traversal within joomla/archive zip class (affecting Joomla! 3.0.0 through 3.9.24)
Inadequate filtering of form contents could allow to overwrite the author field (affecting Joomla! 1.6.0 through 3.9.24)

Bug fixes and Improvements
Fix Save as Copy tag #32454
Fix published attribute for Tag field #32332
Fix batch menu items #32380
Stream transport should enable verify_peer_name when possible #16501
Optimize the code for rename incorrectly cased files on update #32176
Addional PHP 8 improvments #31977 #32374
1
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

Related Posts