J3.x:Mõtted Joomla 3.8.13 turvalisuse kohta
From Joomla! Documentation
Mõtted Joomla 3.8.13 turvalisuse kohta
Kinnituse küsimine pärast uue kasutaja kohta teavituse saamist
As of 3.8.13, Joomla is securing the process on approving an user after an email notification by requesting the administrator, who is going to approve the request, to login into the frontend. After the administrator logged in, they are redirected to the activation URL and the account is activated. The main reason is that we have got some reports on "auto approvings", done by antivirus software checking any URL send by email.
Improved security for the Joomla Update Component
As of 3.8.13, Joomla is locking down the Joomla Update Component to Super Administrators only, as this component is by design intended to apply changes to the core of the CMS and by also processes sensitive data related to site updates. Therefore we decided that this component and its feature should be restricted to Super Administrators only.