Joomla 3.9.7 is now available. This is a security release for the 3.x series of Joomla which addresses 3 security vulnerabilities and contains over 40 bug fixes and improvements. Note before upgrading, make sure you update all third-party extensions.
What's in Joomla 3.9.7?
Joomla 3.9.7 includes one security vulnerability fixes, and several bug fixes and improvements.
Security Issues Fixed
- Low Priority - Core - CSV injection in com_actionlogs (affecting Joomla 3.9.0 through 3.9.6)
- Low Priority - Core - XSS in subform field (affecting Joomla 3.6.0 through 3.9.6)
- Low Priority - Core - ACL hardening of com_joomlaupdate (affecting Joomla 3.8.13 through 3.9.6)
Bug fixes and Improvements
- Batch system: Copy permissions of modules and categories
- Progessive cache improvements
- Fix to avoid duplicated custom fields in com_content
- RTL improvements
- Removal of the unofficial French Help Server
- TinyMCE improvements
- RSS: Fix to display the right category
- Media Manager: Fix directory traversal for symlinked folders
- User registration: Correct http schema used
Get more detail of bug fixes from GitHub.