A zero-day vulnerability affecting every version of Joomla was recently patched by Joomla. They are urging all site administrators to upgrade to the 3.4.6 version as soon as possible
The vulnerability caused all sorts of issues for about two days before the issue was patched. It was marked as a severity of high and caused browser information to remain unfiltered properly when session values were saved into the database.
Instructions have been provided by Joomla about how to update websites with the downloaded version and the Remote Code Execution Patch.