#JUGL meetings are held on the 3rd Tuesday of each month

NEXT MEETING:

News 

Find Joomla! and Joomla! London related news here.  We show the latest security updates, Joomla! announcements, information about past and upcoming meetings, and anything else we think might be relevant.

The idea of a new Joomla! podcast was raised during Joomla! Day UK 2017 by an attendee who was keen to be its creator.  I really would like to see this as there have been some great ones in the past.  If you want to see this too, then feedback via Github so he is encouraged to make it happen.  https://github.com/joomla/joomla-marketing/issues/109.  Here's a link to some of the other podcasts that either still run or have run in the past.

joomla london email logoOur next meeting is on the 16th of August, that's 15 days away, just over two weeks. Register to attend (for free) and come down and learn more about Joomla! and surrounding topics. Last meeting had an excellent talk from Gary Barclay (Barclay.Works) regarding Google Tag Manager. We also had some great information from George Wilson (in charge of Joomla! releases) relating to Joomla! 3.6 as well as some feedback from the rest of the room.

Joomla haJoomla has been around for a little over 10 years.  in that time much of the code base has benefited from extensive development, to get it to the current version 3.5.  Some parts however, have seen very little change, the router is one such area of code, now that's about to be overhauled....completely!s been around for a little over 10 years.  in that time much of the code base has benefited from extensive development, to get it to the current version 3.5.  Some parts however, have seen very little change, the router is one such area of code, now that's about to be overhauled....completely!

Joomla! Security

11/1/21
Severity severity
Impact severity
Lack of escaping of image-related parameters in multiple com_tags views cause lead to XSS attack vectors.
11/1/21
Severity severity
Impact severity
Lack of escaping in mod_breadcrumbs aria-label attribute allows XSS attacks.
11/1/21
Severity severity
Impact severity
Lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.
24/11/20
Severity severity
Impact severity
Lack of input validation while handling ACL rulesets can cause write ACL violations.

Selected Joomla! Videos