Sign In

Welcome! Log into your account

Forgot your password?

Create an account

Sign Up

Welcome! Register for an account

A password will be e-mailed to you.

Password Recovery

Recover your password

A password will be e-mailed to you.

Joomla 3.9.26 / 3.10.0 Alpha 5 / Joomla 4.0.0 Beta 7

1 Star2 Stars3 Stars4 Stars5 Stars (6 votes, average: 4.00 out of 5)
Joomla 3.9.26 / 3.10.0 Alpha 5 / Joomla 4.0.0 Beta 7

Joomla is an award-winning content management system (CMS). It enables you to build Web sites and powerful online applications. Many aspects, including its ease-of-use and extensibility, have made Joomla the most popular Web site software available. Best of all, it is an open source solution that is freely available to everyone.

Since Joomla is based on PHP and MySQL, you’re building powerful applications on an open platform anyone can use, share, and support. A content management system is software that keeps track of every piece of content on your Web site.

Much like your local public library keeps track of books and stores them. Content can be simple text, photos, music, video, documents, or just about anything you can think of.

A major advantage of using a CMS is that it requires almost no technical skill or knowledge to manage. Since the CMS manages all your content, you don’t have to.

Hence, Joomla! is an international project, with users and contributors around the world. It is easy to install and set up even if you’re not an advanced user. Many Web hosting services offer a single-click install, getting your new site up and running in just a few minutes. As a Web designer or developer, you can quickly build sites for your clients. Then, with a minimal amount of instruction, you can empower your clients to easily manage their own sites themselves.

Joomla is used all over the world to power Web sites of all shapes and sizes:

  • Corporate Web sites or portals
  • Corporate intranets and extranets
  • Online magazines, newspapers, and publications
  • E-commerce and online reservations
  • Government applications
  • Small business Web sites
  • Non-profit and organizational Web sites
  • Community-based portals
  • School and church Web sites
  • Personal or family homepages

Many companies and organizations have requirements that go beyond what is available in the basic package. In those cases, Joomla’s powerful application framework makes it easy for developers to create sophisticated add-ons that extend the power of Joomla into virtually unlimited directions.

The core framework enables developers to quickly and easily build:

  • Inventory control systems
  • Data reporting tools
  • Application bridges
  • Custom product catalogs
  • Integrated e-commerce systems
  • Complex business directories
  • Reservation systems
  • Communication tools

What’s New in Joomla 3.9.26:

Security Issues Fixed

  • [20210401] Low Severity – Low Impact – Escape xss in logo parameter error pages (affecting Joomla! 3.0.0 through 3.9.25)
  • [20210402] Low Severity – Low Impact – Inadequate filters on module layout settings (affecting Joomla! 3.0.0 through 3.9.25)

Bug fixes and Improvements

  • Fix caching issues after rebuilding update sites
  • Allow to configure load balancer/reverse proxy setting
  • Fix loosing extra query parameter for update sites
  • MySQL and MariaDB compatibility fixes
  • Fix frontend create article permission
  • Update CodeMirror to 5.60.0
  • Addional PHP 8 improvment

What’s New in Joomla 3.9.25:

Security Issues Fixed

  • Low Severity – Low Impact – Insecure randomness within 2FA secret generation (affecting Joomla! 3.2.0 through 3.9.24)
  • Low Severity – Low Impact – Potential Insecure FOFEncryptRandval (affecting Joomla! 3.2.0 through 3.9.24)
  • Low Severity – Moderate Impact – XSS within alert messages showed to users (affecting Joomla! 2.5.0 through 3.9.24)
  • Low Severity – Moderate Impact – XSS within the feed parser library (affecting Joomla! 2.5.0 through 3.9.24)
  • Low Severity – Low Impact – Input validation within the template manager (affecting Joomla! 3.2.0 through 3.9.24)
  • Low Severity – Moderate Impact – com_media allowed paths that are not intended for image uploads (affecting Joomla! 3.0.0 through 3.9.24)
  • Low Severity – Moderate Impact – ACL violation within com_content frontend editing (affecting Joomla! 3.0.0 through 3.9.24)
  • Low Severity – Moderate Impact – Path Traversal within joomla/archive zip class (affecting Joomla! 3.0.0 through 3.9.24)
  • Low Severity – Moderate Impact – Inadequate filtering of form contents could allow to overwrite the author field (affecting Joomla! 1.6.0 through 3.9.24)

Bug fixes and Improvements

  • Fix Save as Copy tag
  • Fix published attribute for Tag field
  • Fix batch menu items
  • Stream transport should enable verify_peer_name when possible
  • Optimize the code for rename incorrectly cased files on update
  • Addional PHP 8 improvments

What’s New in Joomla 3.9.24:

Security Issues Fixed

  • [20210101] Low Severity – Low Impact – com_modules exposes module names (affecting Joomla! 3.0.0 through 3.9.23)
  • [20210102] Low Severity – Moderate Impact – XSS in mod_breadcrumbs aria-label attribute (affecting Joomla! 3.9.0 through 3.9.23)
  • [20210103] Low Severity – Moderate Impact – XSS in com_tags image parameters (affecting Joomla! 3.1.0 through 3.9.23)

Bug fixes and Improvements

  • Continuing to improve PHP 8 support
  • Solved performance issue with zip archives containing zip files
  • Removes deprecate feature-policy and adds the new Permissions Policy
  • Update joomla/image dependency
  • Fixed regression SMTP Settings Test
  • Fixed regression to save empty passwords in global configuration

What’s New in Joomla 3.9.21:

Security Issues Fixed

  • Low Priority – Core – XSS in mod_latestactions (affecting Joomla! 3.9.0 through 3.9.20)
  • Low Priority – Core – Open redirect in com_content vote feature (affecting Joomla! 3.0.0 through 3.9.20)
  • Low Priority – Core – Directory traversal in com_media (affecting Joomla! 2.5.0 through 3.9.20)

Bug fixes and Improvements

  • TinyMCE updated
  • CodeMirror updated
  • Upload Package File / Joomla Update : Upload file size check added
  • Actions Log: Log an event when Joomla is update

What’s New in Joomla 3.9.20:

Security Issues Fixed

  • Low Priority – Core – CSRF in com_installer ajax_install endpoint (affecting Joomla! 3.7.0 through 3.9.19)
  • Moderate Priority – Core – Missing checks can lead to a broken usergroups table record (affecting Joomla! 2.5.0 through 3.9.19)
  • Low Priority – Core – CSRF in com_privacy remove-request feature (affecting Joomla! 3.9.0 through 3.9.19)
  • Low Priority – Core – Variable tampering via user table class (affecting Joomla! 3.0.0 through 3.9.19)
  • Low Priority – Core – Escape mod_random_image link (affecting Joomla! 3.0.0 through 3.9.19)
  • Low Priority – Core – System Information screen could expose redis or proxy credentials (affecting Joomla! 3.0.0 through 3.9.19)

Bug fixes and Improvements

  • Upload & Update tab of Joomla Update Component: Fix to allow upload of ZIP filetype only
  • Local database server: Allow optional port numbers
  • Beez3 Template: Markup fix for the Tabs layout of com_contact
  • Beez3 Template: Allow custom field editing on frontend
  • Backend cache cleared when purging updates

What’s New in Joomla 3.9.19:

Security Issues Fixed

  • Low Priority – Core – XSS in modules heading tag option (affecting Joomla! 3.0.0 through 3.9.18)
  • Low Priority – Core – Inconsistent default textfilter settings (affecting Joomla! 2.5.0 through 3.9.18)
  • Low Priority – Core – XSS in com_modules tag options (affecting Joomla! 3.0.0 through 3.9.18)
  • Moderate Priority – Core – XSS in jQuery.htmlPrefilter (affecting Joomla! 3.0.0 through 3.9.18)
  • Low Priority – Core – CSRF in com_postinstall (affecting Joomla! 3.7.0 through 3.9.18)

Bug fixes and Improvements

  • Fix incomplete utf8mb4 conversion since 3.9.17
  • Backport jQuery 3.5 security fixes
  • Frontend: Removal of the create/edit menu item buttons
  • Extend the checks to make sure only real user admins can create accounts
  • Mail: Support of dotless domains
  • Codemirror updated to its latest release
  • Improve translation system supporting better pluralization for languages like Welsh

What’s New in Joomla 3.9.17:

Security Issues Fixed

  • Low Priority – Core – Incorrect access control in com_users access level editing function (affecting Joomla 3.8.8 through 3.9.16)
  • Low Priority – Core – Missing checks for the root usergroup in usergroup table (affecting Joomla 2.5.0 through 3.9.16)
  • Low Priority – Core – Incorrect access control in com_users access level deletion function (affecting Joomla 2.5.0 through 3.9.16)

Bug fixes and Improvements

  • Removal of an unneeded file added to 3.9.16
  • Multilingual Associations: Fix for the Edit Associations buttons in Menu Items and in Category
  • PHPMailer upgraded to its latest version
  • ‘New’ MVC classes depreciation notice for 4.0 instead of 5.0
  • Facilitate the usage of help system by third parties
  • PostgreSQL: Fix for module loading

What’s New in Joomla 3.9.16:

Security Issues Fixed

  • Low Priority – Core – SQL injection in Featured Articles menu parameters (affecting Joomla 1.7.0 through 3.9.15)
  • Low Priority – Core – CSRF in com_templates image actions (affecting Joomla 3.2.0 through 3.9.15)
  • Low Priority – Core – XSS in Protostar and Beez3 (affecting Joomla 3.0.0 through 3.9.15)
  • Low Priority – Core – Incorrect Access Control in com_templates (affecting Joomla 2.5.0 through 3.9.15)
  • Low Priority – Core – Identifier collisions in com_users (affecting Joomla 3.0.0 through 3.9.15)
  • Low Priority – Core – Incorrect Access Control in com_fields SQL field (affecting Joomla 3.7.0 through 3.9.15)

Bug fixes and Improvements

  • Link rel attributes: ‘noopener’ attributes #28005, ‘sponsored’ and ‘ugc’ attributes #28055
  • Fields – Imagelist: Correct the display of the folder structure #16708
  • Popular Tags Module fix #27745
  • User – Contact Creator plugin: catid fixed #27949

What’s New in Joomla 3.9.15:

Security Issues Fixed

  • Low Priority – Core – CSRF in batch actions (affecting Joomla 3.0.0 through 3.9.14)
  • Low Priority – Core – CSRF com_templates LESS compiler (affecting Joomla 3.0.0 through 3.9.14)
  • Low Priority – Core – XSS in com_actionlogs (affecting Joomla 3.9.0 through 3.9.14)

Bug fixes and Improvements

  • Beez Template: Fix the consent field modal
  • Action Log emails: Use of absolute URLs
  • TinyMCE fixes
  • User email addresses: Case insensitive management
  • Prevent library extensions to overwrite core files

Homepage – https://www.joomla.org

Leave a Reply

0 Comments on Joomla 3.9.26 / 3.10.0 Alpha 5 / Joomla 4.0.0 Beta 7