Joomla 3.9.15 is here - a security and bug fixes release!
The Joomla project team has recently released version 3.9.15 that addresses three low-priority security issues and fixes 23 bugs.
Security Issue Fixed
- Low Priority - Core - CSRF in batch actions (affecting Joomla 3.0.0 through 3.9.14)
- Low Priority - Core - CSRF com_templates LESS compiler (affecting Joomla 3.0.0 through 3.9.14)
- Low Priority - Core - XSS in com_actionlogs (affecting Joomla 3.9.0 through 3.9.14)
Bug fixes
- Beez Template: Fix the consent field modal
- Action Log emails: Use of absolute URLs
- Two TinyMCE editor fixes (see changelog for details)
- User email addresses: Case insensitive management
- Prevent library extensions to overwrite core files
Community Builder 2.4.3 (latest build) and all Joomlapolis add-ons work just fine with Joomla 3.9.15. You can see everything in action on our demo site.
Joomla 3.9.15 is a recommended upgrade for all Joomla 3.x series sites - you should upgrade.
As always, before any Joomla upgrade on your live website, take a backup just in case anything goes wrong.
You can learn more about the fixed bugs and see the full changelog by reading the Joomla 3.9.15 announcement.