Guest MyBB Team Posted March 14, 2021 Posted March 14, 2021 MyBB 1.8.26 is now available, and is a security release. 6 security vulnerabilities addressed: High risk: Nested Auto URL persistent XSS (advisory) — reported by Simon Scannell & Carl Smith Medium risk: Theme properties SQL injection (advisory) — reported by Simon Scannell & Carl Smith Medium risk: Poll vote count SQL injection (advisory) — reported by Devilshakerz (MyBB Team) Medium risk: Forum Management SQL injection (advisory) — reported by Devilshakerz (MyBB Team) Medium risk: Usergroups SQL injection (advisory) — reported by Devilshakerz (MyBB Team) Low risk: Custom moderator tools reflected XSS (advisory) — reported by Devilshakerz (MyBB Team) Check the Release Notes for more information. Get latest MyBB Full & Upgrade Packages → The MyBB Project extends thanks to reporters and researchers following responsible disclosure. Go to mybb.com/security to report possible security concerns or to learn more about security research at MyBB. If you would like to contribute to the Project, Get Involved. Thanks, MyBB Team Continue reading... Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.