Joomla 3.9.2
15 January 2019
Joomla version 3.9.2 is now available (security release).
Upgrading to Joomla 3.9.2
Joomla 3.9.2 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Joomla updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Joomla install to test the 3.9.2 upgrade prior to applying it live. Get started managing your Joomla installations with Installatron
What's New in Joomla 3.9.2
Security
- Low Priority - Core - Stored XSS in mod_banners (affecting Joomla 2.5.0 through 3.9.1) - Inadequate escaping in mod_banners leads to a stored XSS vulnerability.
- Low Priority - Core - Stored XSS in com_contact (affecting Joomla 2.5.0 through 3.9.1) - Inadequate escaping in com_contact leads to a stored XSS vulnerability.
- Low Priority - Core - Stored XSS issue in the Global Configuration textfilter settings (affecting Joomla 2.5.0 through 3.9.1) - Inadequate checks at the Global Configuration Text Filter settings allowed a stored XSS.
- Low Priority - Core - Stored XSS issue in the Global Configuration help url (affecting Joomla 2.5.0 through 3.9.1) - Inadequate checks at the Global Configuration helpurl settings allowed a stored XSS.
Bug fixes and Improvements
- Fixes for states in com_finder (#23194), com_banners (#23193), com_messages (#23192), com_users notes (#23191)
- Removal of the Caching field in the languages (#23174), syndicate (#23166), random image (#23165), and login modules (#23152)
- Editors API extended #23224
- Menu Item Alias type: Redirection is optional #23278
- com_media: Normalisation of uploaded file names (#23259)
- Code cleanup and namespacing