Joomla sent out a security notification today. Please be aware:
http://developer.joomla.org/security-centre.html
Quote
Joomla! Security News
________________________________________
[20150602] - Core - CSRF Protection
Posted: 03 Jul 2015 02:10 PM PDT
* Project: Joomla!
* SubProject: CMS
* Severity: Low
* Versions: 3.2.0 through 3.4.1
* Exploit type: CSRF Protection
* Reported Date: 2015-April-06
* Fixed Date: 2015-June-30
* CVE Number: tbd
Description
Lack of CSRF checks potentially enabled uploading malicious code.
Affected Installs
Joomla! CMS versions 3.2.0 through 3.4.1
Solution
Upgrade to version 3.4.2
---------------
[20150601] - Core - Open Redirect
Posted: 03 Jul 2015 02:04 PM PDT
* Project: Joomla!
* SubProject: CMS
* Severity: Low
* Versions: 3.0.0 through 3.4.1
* Exploit type: Open Redirect
* Reported Date: 2015-June-01
* Fixed Date: 2015-June-30
* CVE Number: tbd
Description
Inadequate checking of the return value allowed to redirect to an extern page.
Affected Installs
Joomla! CMS versions 3.0.0 through 3.4.1
Solution
Upgrade to version 3.4.2
[/quote[