Joomla 5.0.3 - Security + Bugfix Release

On Tuesday 20 February 2024, Joomla 5.0.3 was released. This release is a security update. It also fixes some bugs found since the previous version. The aim is to improve the security, stability and reliability of the Joomla platform.

Resolving security issues

Joomla, like other professional software publishers, reports found security issues to "Common Vulnerabilities and Exposures" (CVE). This is an organisation that registers security issues. Only after the release of Joomla 5.0.3, i.e. after a patch was created for it, were the issues disclosed:

[20240201] - Core - Insufficient session expiration in MFA management views
[20240202] - Core - Open redirect in installation application
[20240203] - Core - XSS in media selection fields
[20240204] - Core - XSS in mail address outputs
[20240205] - Core - Inadequate content filtering within the filter code

Solving bugs

In addition to the security fix, Joomla 5.0.3 also includes a number of bug fixes. These fixes target different aspects of the CMS and improve overall functionality and stability. A detailed overview of the fixed bugs is available on Joomla's official GitHub repository. This overview provides an in-depth look at the specific issues that have been addressed and the changes made to resolve them.

To view the overview of resolved bugs, please visit the following link: https://github.com/joomla/joomla-cms/milestone/120?closed=1. Here you will find a detailed list of all bugs fixed in this release.

Updating to Joomla 5.0.3

To take advantage of the bug fixes and security improvements in Joomla 5.0.3, it is important to update your website to this version. The update process is generally straightforward and can be performed via the Joomla administrator dashboard. Make sure you back up your website before updating so that you can fix any issues if something goes wrong.

If you need help updating your Joomla website to version 5.0.3, you can always visit the official Joomla support channels. Or contact us.