Joomla 5.1.2 - Security Release
On Tuesday 9 July 2024, Joomla 5.1.2 was released. This is a security and bugfix release that fixes some security issues and bugs found since the previous version. The aim is to improve the security, stability and reliability of the Joomla platform.
Fixed security issues
Some XSS (Cross-Site Scripting) security flaws have been discovered in Joomla and are fixed in this security release. XSS is a security flaw where an attacker can insert malicious scripts into content. If those scripts are executed on the website, attackers can steal sensitive information, take over user accounts or perform other malicious actions. These XSS security flaws can only be exploited by attackers who have write access to the website. For added security, you can use Joomla's default HTTP Headers plugin that will defuse any malicious scripts.
Fixed issues:
- [20240701] - Core - XSS in accessible media selection field
- [20240702] - Core - Self-XSS in fancyselect list field layout
- [20240703] - Core - XSS in StringHelper::truncate method
- [20240704] - Core - XSS in Wrapper extensions
- [20240705] - Core - XSS in com_fields default field value
Fixed bugs
A detailed list of the resolved bugs is available in Joomla's official GitHub repository: https://github.com/joomla/joomla-cms/milestone/127?closed=1
If you are not currently using Joomla 5.1.x, it is recommended that you upgrade to that version to take advantage of the functionality available in Joomla 5.1.x.