====================================================================

                             CERT-Renater

                 Note d'Information No. 2020/VULN481
_____________________________________________________________________

DATE                : 31/08/2020

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Joomla versions prior to 3.9.21.

=====================================================================
https://www.joomla.org/announcements/release-news/5821-joomla-3-9-21.html
_____________________________________________________________________

Joomla 3.9.21 is now available. This is a security release for the 3.x
series of Joomla which addresses 3 security vulnerabilities and contains
over 20 bug fixes and improvements.


What's in 3.9.21?

Joomla 3.9.21 includes 3 security vulnerability fixes and addresses
several bugs, including:

Security Issues Fixed

    Low Priority - Core - XSS in mod_latestactions (affecting Joomla!
3.9.0 through 3.9.20) More information »

    Low Priority - Core - Open redirect in com_content vote feature
(affecting Joomla! 3.0.0 through 3.9.20) More information »

    Low Priority - Core - Directory traversal in com_media (affecting
Joomla! 2.5.0 through 3.9.20) More information »


Bug fixes and Improvements

    TinyMCE updated #30329
    CodeMirror updated #30370
    Upload Package File / Joomla Update : Upload file size check added
#30190 #29895
    Actions Log: Log an event when Joomla is updated #30157

Visit GitHub for the full list of bug fixes.

=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================