The Joomla! Project is pleased to announce the release of Joomla 5.2.3 and Joomla 4.4.10. This is a security and bug fix release for the 5.x and 4.x series of Joomla.
These releases continue Joomla’s high standards in accessible web design, highlighting Joomla's values of inclusiveness, simplicity and security into an even more powerful open-source web platform.
Security Fix
Where can I download Joomla 5.2.3?
Full announcement + download links: https://www.joomla.org/announcements/re ... lease.html
Discussion Forum: viewtopic.php?f=9&t=1014074
These releases continue Joomla’s high standards in accessible web design, highlighting Joomla's values of inclusiveness, simplicity and security into an even more powerful open-source web platform.
Security Fix
- [20250101] - Core - XSS vectors in module chromes
- [20250102] - Core - XSS vector in the id attribute of menu lists
- [20250103] - Core - Read ACL violation in multiple core views
- Fix joomlaExtButtons TinyMCE plugin, buttons validation (#44507)
- Email Validation apostrophe (#44527)
- Set correct AssetTitle and AssetParentId (#42493)
- Remove empty images and anchors from mod articles_news (#42493), mod articles_category (#44478) and (#44475)
- Remove wrong class in cancel link in add verification code frontend page (#44473)
- Allow multiselect for checkboxes (#44500)
- postgres and finder suggestions (#44384)
- Pre-update check for extensions AllowDynamicProperties (#44307)
- Fix PHPCS nullable parameter (#44543)
- Fix double closing Curly braces in inline style (#44532)
- Uncaught TypeError: can't access property "getAttribute", toggleButton is null (#44555)
- Plugins: Search not case-insensitive for unicode language (#44525)
- Fix increment on non-alphanumeric string deprecation (#44173)
- User: Don't reset newly set requireReset (#44519)
- CoreButtonsTrait back() generates wrong button text (#44509)
- Tags: Make router discover 404s properly (#44540)
- Catch exception to get the user in the action log model (#44358)
- Fix return typehint in IdentityAware trait (#44567)
- Composer update joomla/application to 3.0.3 to fix PHP deprecations in Web Client (#44585)
- User: Allow MFA before password reset (#44521)
- Fix duplicate entry with the action logs by removing the second call to onJoomlaAfterUpdate (#44629)
- CLI] extension:remove -n option "Invalid Response" fix (#44546)
- Privacy: Allow MFA and invalid privacy consents (#44522)
- Refresh changelog URL on manifest cache refresh (#44565)
Where can I download Joomla 5.2.3?
Full announcement + download links: https://www.joomla.org/announcements/re ... lease.html
Discussion Forum: viewtopic.php?f=9&t=1014074
Statistics: Posted by pe7er — Tue Jan 07, 2025 4:05 pm