Today, the MyBB team announced the release of MyBB 1.8.31. This is a security and maintenance release which fixes a number of bugs and issues reported with MyBB 1.8.30, released in march. If you are currently running a version of MyBB older than 1.8.30, we strongly encourage you to upgrade to the latest version as soon as possible. Upgrading is quick, easy, and free – simply download the updated files and upload them to your server to replace your existing installation. For more detailed instructions, please see the upgrade guide at mybb.com.
Category: Administration
MyBB 1.8.30 published
Today we are announcing the release of MyBB 1.8.30, this is a security release for the 1.8 series of MyBB.
This release fixes a number of bugs that have been reported since the last release.
MyBB 1.8.29 published
We are pleased to announce that MyBB 1.8.29 is now available. This is a security release for the 1.8 series of MyBB.
All users are strongly encouraged to update to this new version as soon as possible. Please remember to take a backup before upgrading!
For more information, please see the MyBB 1.8.29 announcement thread and the changelog for MyBB 1.8.29 at mybb.com.
MyBB 1.8.28 published
The MyBB team is excited to announce the release of MyBB 1.8.28! This security and maintenance release fixes a number of bugs and issues that were reported with MyBB 1.8.27.
The release does fix a medium risk – a xss in the ACP Template Name. A quick update is recommended.
MyBB 1.8.22 published
MyBB 1.8.22 has been released. It’s a maintenance and security update.
What has changed?
5 security issues and 36 other issues have been resolved.
Fixed security issues:
- High risk: Installer RCE on settings file write
- Medium risk: Arbitrary upload paths & Local File Inclusion RCE
- Medium risk: XSS via insufficient HTML sanitization of Blog feed & Extend data
- Low risk: Open redirect on login
- Low risk: SCEditor reflected XSS
Check Release Notes for a list of changes to language files, templates and unresolved issues.
MyBB 1.8.21 published
MyBB 1.8.21 has been published and is now available for download. It includes two high risk security fixes.
What has changed?
6 security breaches and 39 issues have been resolved.
Fixed security breaches:
- High risk: Theme import stylesheet name RCE
- High risk: Nested video MyCode persistent XSS
- Medium risk: Find Orphaned Attachments reflected XSS
- Medium risk: Post edit reflected XSS
- Medium risk: Private Messaging folders SQL injection
- Low risk: Potential phar deserialization through Upload Path
Check Release Notes for a list of changes to language files, templates and unresolved issues.
Huge MyBB security update
MyBB 1.8.15 has been released and it does contain a huge number of security fixes. 10 low and medium security vulnerabilities have been addressed with the .15 release.
24 other issues have been resolved, including important permission issues with the delayed moderation feature.
You should update your forum to 1.8.15 as soon as possible. If you can not update soon, check your moderators permissions and remove the delayed moderation permission to be safe.
Note that the update script is required for the 1.8.15 update.
MyBB 1.8.14 fixes two security risks
MyBB 1.8.14 has been released and it does fix two security risks.
While the XSS vulnerability inside the language packs is a low security risk, a high security risk has been fixed – the language pack RCE headers.
You should update immediately if possible.
MyBB 1.8.13 better than before
The new MyBB 1.8.13 includes a lot of improvements.
It fixes seven security risks and 62 issues.
Four of the seven security risks are with high and medium risk potential, so it’s important to download and install the new version as soon as possible.
MyBB tutorial to create a MyCode for SoundCloud links
You have to go through the following steps:
- Go into the ACP of your forum
- Click on configuration
- Click on the left side on MyCode
- Click on Add a new MyCode
- For example you can use “SoundCloud” for the title and “Integrate SoundCloud in postings” for the description
Continue reading MyBB tutorial to create a MyCode for SoundCloud links