Last week the Joomla! Project released Joomla! 3.7.4, a release that included 2 security fixes, one of them rated as a "high severity" issue related to the installer application of the CMS. In the initial bulletin published in the Security Centre, no further details on the actual attack vector have been disclosed - but as the vector has now been disclosed by the initial reporter Hanno Böck in a talk at the Def Con conference, I would like to share some insights from the perspective of the Security Team.
Read more: Best security process, fast reactions to new threats
We would like to share some changes we will make soon to our development setup.
Today we are pleased to share our plan for the Joomla! 3.8 release and we would like your help in getting ready for the release.