MyBB 1.8.15 has been released and it does contain a huge number of security fixes. 10 low and medium security vulnerabilities have been addressed with the .15 release.
24 other issues have been resolved, including important permission issues with the delayed moderation feature.
You should update your forum to 1.8.15 as soon as possible. If you can not update soon, check your moderators permissions and remove the delayed moderation permission to be safe.
Note that the update script is required for the 1.8.15 update.
MyBB 1.8.14 has been released and it does fix two security risks.
While the XSS vulnerability inside the language packs is a low security risk, a high security risk has been fixed – the language pack RCE headers.
You should update immediately if possible.
The new MyBB 1.8.13 includes a lot of improvements.
It fixes seven security risks and 62 issues.
Four of the seven security risks are with high and medium risk potential, so it’s important to download and install the new version as soon as possible.
You have to go through the following steps:
- Go into the ACP of your forum
- Click on configuration
- Click on the left side on MyCode
- Click on Add a new MyCode
- For example you can use “SoundCloud” for the title and “Integrate SoundCloud in postings” for the description
Continue reading MyBB tutorial to create a MyCode for SoundCloud links
The new version of MyBB fixes three security risks and 14 other issues.
Two of the security risks are with a medium risk potential.
But don’t forget to create you backup before updating your MyBB.
The new MyBB 1.8.11 is available and ready to download. It fixes three security risks, for example a gap in the email-MyCode.
Also there have been fixed 32 other issues, so you should download the new version really quick.
Because of changes in the structure of the database, the execution of the upgrade scripts is required.
MyBB 1.8.10 has been released. It’s a pure maintenance update which does fix 22 reported issues with MyBB 1.8 series.
You can (and should) download it from Mybb.com and update your forum to 1.8.10. Please note, that the upgrade script is required and don’t forget to backup your forum before updating!
MyBB 1.8.9 is out and it does fix one low security risk.
It is possible to start a CSRF attack on MyBB 1.8.8 when removing subscriptions. 1.8.9 does fix that issue.
There have been 52 other reported issues fixed so updating your MyBB is highly recommended although it’s not that urgent.
The fixed issues include:
Continue reading MyBB 1.8.9 fixes one low security risk
MyBB 1.8.8 has been released. The new version does fix 7 security vulnerabilities, four of them with a medium risk potential. There have been 58 issues fixed.
You should update your MyBB as soon as possible. Don’t forget to create a backup before updating your installation. The update script is required.
The Merge System has also been updated to version 1.8.8.
This blog has been moved to a new server this night. Sorry for any inconvenience caused by this server move. The new server infrastructure is more reliable and even faster than the old one.
If you are moving a MyBB installation to a new server, you’ll need to transfer all files by FTP and copy the database to the new host. Continue reading Mybboard.biz moved to a new server