Joomla, the world’s second popular open source Content Management System, has reportedly patched a critical vulnerability in its software’s core component. The vulnerability originates from a com_fields parameter, which was introduced in version 3.7.0. It could allow remote hackers to steal sensitive information from the database and gain unauthorized access to websites, a researcher says. Since hackers would not take much time to exploit this vulnerability against millions of websites, you are advised to download the latest version of the software.
Source: https://thehackernews.com/2017/05/joomla-security-update.html