Joomla 3.9.28 Release

By NESA Hits: 5210

Joomla 3.9.28 is now available. This is a security release for the 3.x series of Joomla which addresses 5 security vulnerabilities and contains 15 bug fixes and improvements.

What's in 3.9.28?

Joomla 3.9.28 includes 5 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

  • [20210701] Low Severity - Low Impact - XSS in JForm Rules field (affecting Joomla! 3.0.0 through 3.9.27) More information »
  • [20210702] Low Severity - Low Impact - DoS through usergroup table manipulation (affecting Joomla! 2.5.0 through 3.9.27) More information »
  • [20210703] Low Severity - Moderate Impact - Lack of enforced session termination (affecting Joomla! 2.5.0 through 3.9.27) More information »
  • [20210704] Low Severity - High Impact - Privilege escalation through com_installer (affecting Joomla! 2.5.0 through 3.9.27) More information »
  • [20210705] Low Severity - Moderate Impact - XSS in com_media imagelist (affecting Joomla! 3.0.0 through 3.9.27) More information »

Bug fixes and Improvements

  • Update CA certificates #34693
  • Smart Search: Fix inserting tokens to DB #34497
  • Fix search suggestions for mixed-case searches #33942

Visit GitHub for the full list of bug fixes.