Joomla 3.9.8 (3.9.7) Security and Bug Fixes release!

Joomla 3.9.8 is here - a regression bug fix release for the Joomla 3.9.7 security and bug fixes release!


The Joomla project team has recently released version 3.9.7 that addresses three security vulnerabilities fixes and over 40 bugs and improvements.

Security Issues Fixed

  • Low Priority - Core - CSV injection in com_actionlogs (affecting Joomla 3.9.0 through 3.9.6)
  • Low Priority - Core - XSS in subform field (affecting Joomla 3.6.0 through 3.9.6)
  • Low Priority - Core - ACL hardening of com_joomlaupdate (affecting Joomla 3.8.13 through 3.9.6)

Bug fixes and Improvements

  • Batch system: Copy permissions of modules and categories
  • Progessive cache improvements
  • Fix to avoid duplicated custom fields in com_content
  • RTL improvements
  • Removal of the unofficial French Help Server
  • TinyMCE improvements
  • RSS: Fix to display the right category
  • Media Manager: Fix directory traversal for symlinked folders
  • User registration: Correct http schema used


Community Builder 2.4.2 (latest build) and all Joomlapolis add-ons work just fine with Joomla 3.9.8. You can see everything in action on our demo site.

Joomla 3.9.8 is a highly recommended upgrade for all Joomla 3.x series sites - you should upgrade immediately.

As always, before any Joomla upgrade on your live website, take a backup just in case anything goes wrong.

You can learn more about the fixed bugs by reading the Joomla 3.9.7 and the Joomla 3.9.8 announcements.



Facebook Twitter LinkedIn