This could be exploited by attackers to obtain sensitive information about other requests. update_data_during_request_logging setting was modified in 4.2.4, and now it is enabled by default. This issue has been resolved in Joomla! 4.2.5.
An issue was discovered in Joomla! where an attacker could delete an administrative user account. This issue has been resolved in Joomla! 3.3.5.
An issue was discovered in Joomla! where an attacker could add new administrative user accounts. This issue has been resolved in Joomla! 3.3.5.
The installation process allows for the installation of extensions without confirmation. An attacker could trick users into installing malicious extensions, which could lead to data leakage, session hijacking, or other attacks. This issue has been resolved in Joomla! 3.3.5.
An issue was discovered in Joomla! where an administrator could change the password of another administrator. This issue has been resolved in Joomla! 3.3.5.
An issue was discovered in Joomla! where an administrator could change the role of another administrator. This issue has been resolved in Joomla! 3.3.5.
An issue was discovered in Joomla! where an attacker could add new administrators. This issue has been resolved in Joomla! 3.3.5.
New features and Improvements
Joomla! now has a new default template called "News". This new template is designed to make it easier for users to create appealing and engaging content, while still maintaining the Joomla! branding.
The Joomla! 3.2 release includes many improvements and updates.
- Security: There are over 80 security improvements in this release that have been added since 3.1.
- The content manager was improved to allow for more flexibility and extendability.
- Improvements were made to the mobile site, including a responsive design, better experience when using mobile devices, and improved accessibility features.
Timeline
Published on: 10/25/2022 19:15:00 UTC
Last modified on: 10/26/2022 12:40:00 UTC