Releases are available for Joomla versions 4.4.7 and 5.1.3, they mainly have fixes for major bugs of previous branches, as well as fixing some vulnerabilities.
Major changes and improvements include:
- Eliminating the test channel from the CLI
- Version 6.8.4 for TinyMCE is available
- Some modifications to the multilingual interface when running without a compatibility plugin
- Modifications regarding handling in the Mail class
- Modification of popup links encoding
- Fixing some variables
- Modification of security flag for cookies
- Removal of Javascript bugs to work in the subpackage
If you want to check out the full list of changes, it's available on GitHub. As for vulnerabilities, here are some of the issues that have been fixed by the team of developers:
- Incorrect internal URL validation
- XSS vectors in Outputfilter::strip*
- XSS in HTML email templates
- Incorrect ACL for backend profile mapping
- Cache infection on pagination
