MyBB 1.8.20 Released — Security & Maintenance Release

Discussion in 'MyBB' started by vbgamer45, Feb 27, 2019.

  1. vbgamer45

    vbgamer45 Adherent

    MyBB 1.8.20 is now available, and is a security & maintenance release.

    This release includes allowing users to see their unapproved content and view user referrals; compatibility with PHP >= 7.2 has been improved and jQuery has been upgraded to 3.0.0, which might affect custom JavaScript code in plugins and themes.

    • 5 security vulnerabilities addressed:
      • Medium risk: Reset Password reflected XSS
      • Medium risk: ModCP Profile Editor username reflected XSS — reported by Jovan Zivanovic of MaTRIS Research Group, SBA Research
      • Low risk: Predictable CSRF token for guest users — reported by Devilshakerz of MyBB Team
      • Low risk: ACP Stylesheet Properties XSS — reported by Cillian Collins
      • Low risk: Reset Password username enumeration via email — reported by Abdullah Md. Shaleh
    • 42 issues resolved
    Check Release Notes for a list of changes to language files, templates and unresolved issues.

    • Informative! Informative! x 1
    • List
  2. palhanow

    palhanow Enthusiast

    I'm happy to see that MyBB is still going on after so long time.

    My first Forum was built on that platform, but changed to XF after. Was the best thing that i did.

    They need a bigger team to follow up the technology. I don't think they can handle the needs of the market today with this small team of developers.
  3. vbgamer45

    vbgamer45 Adherent

    It's hard a team volunteers unpaid versus a paid development team who can spend time and get paid for it. Generally the open source forum projects recruit people in college/school to work on the software.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.