J3.x

J3.x:Mõtted Joomla 3.8.13 turvalisuse kohta

From Joomla! Documentation

This page is a translated version of the page J3.x:Joomla 3.8.13 Security Notes and the translation is 57% complete.
Other languages:
Deutsch • ‎English • ‎Nederlands • ‎eesti • ‎español • ‎français • ‎svenska

Mõtted Joomla 3.8.13 turvalisuse kohta

Kinnituse küsimine pärast uue kasutaja kohta teavituse saamist

3813-email-notification-en.png

As of 3.8.13, Joomla is securing the process on approving an user after an email notification by requesting the administrator, who is going to approve the request, to login into the frontend. After the administrator logged in, they are redirected to the activation URL and the account is activated. The main reason is that we have got some reports on "auto approvings", done by antivirus software checking any URL send by email.

Improved security for the Joomla Update Component

As of 3.8.13, Joomla is locking down the Joomla Update Component to Super Administrators only, as this component is by design intended to apply changes to the core of the CMS and by also processes sensitive data related to site updates. Therefore we decided that this component and its feature should be restricted to Super Administrators only.