Joomla! 3.4.6 is now available. This is a security release for the 3.x series of Joomla which addresses a critical security vulnerability and 4 low level security vulnerabilities. We strongly recommend that you update your sites immediately.

This release only contains the security fixes; no other changes have been made compared to the Joomla 3.4.5 release.

Security Release

What's in 3.4.6

Version 3.4.6 is released to address four reported security vulnerabilities and includes security hardening of the user password reset system.


Security Issues Fixed

  • High Priority - Core - Remote Code Execution (affecting Joomla 1.5 through 3.4.5) More information »
  • Low Priority - Core - CRSF Hardening (affecting Joomla 3.2.0 through 3.4.5) More information »
  • Low Priority - Core - Directory Traversal (affecting Joomla 3.2.0 through 3.4.5) More information »
  • Low Priority - Core - Directory Traversal (affecting Joomla 3.4.0 through 3.4.5) More information »


Please see the documentation wiki for FAQ’s regarding the 3.4.6 release.



Tuesday, December 15, 2015





« Back