- Messages
- 1,466
- Highlights
- 0
- Reaction score
- 58
- Points
- 694
- Location
- Cyber Space
- Peak Coin
- 0.000000¢
- DB Transfer
- 0.000000¢
MyBB 1.8.13 is now available, and is a security & maintenance release.
This update includes fixes related to compatibility with PostgreSQL, SQLite and PHP 7.2 and resolves attachment HTML output problems. Note that the theme’s CSS files may need to be updated.
Check Release Notes for a list of changes to language files, templates and unresolved issues.
Get latest MyBB Full & Upgrade Packages →
The MyBB Project extends thanks to reporters and researchers following responsible disclosure.
Go to mybb.com/security to report possible security concerns or to learn more about security research at MyBB.
If you would like to contribute to the Project, Get Involved.
Thanks,
MyBB Team
Continue reading...
This update includes fixes related to compatibility with PostgreSQL, SQLite and PHP 7.2 and resolves attachment HTML output problems. Note that the theme’s CSS files may need to be updated.
- 7 security vulnerabilities addressed:
- High risk: Installer RCE on configuration file write — reported by pabstersac
- High risk: Language file headers RCE — reported by Julian Rittweger
- Medium risk: Installer XSS — reported by pabstersac
- Medium risk: Mod CP Edit Profile XSS — reported by Julian Rittweger
- Low risk: Insufficient moderator permission check in delayed moderation tools — reported by Starpaul20 of MyBB Team
- Low risk: Announcements HTML filter bypass
- Low risk: Language Pack Properties XSS — reported by Julian Rittweger
Check Release Notes for a list of changes to language files, templates and unresolved issues.
Get latest MyBB Full & Upgrade Packages →
The MyBB Project extends thanks to reporters and researchers following responsible disclosure.
Go to mybb.com/security to report possible security concerns or to learn more about security research at MyBB.
If you would like to contribute to the Project, Get Involved.
Thanks,
MyBB Team
Continue reading...
