I am totally beginner in Joomla. I found that the security patch for the vulnerability: Filter attribute in subform fields allows remote code execution” was fixed in 3.9.9 But I am not finding the code changes in the Joomla that fixes this vulnerability. Anyone know if it is possible to check the code? At Joomla website the CVE Number is: TBA. I would appreciate any help.