MyBB Releases

MyBB 1.8.7

Submitted by Zenith, , Thread ID: 19373

Thread Closed
13-03-2016, 04:25 AM
#1
Mybb 1.8.7 has been released! Here are the changes

This release fixes13 security vulnerabilitiesand83 reported issuescausing incorrect functionality of MyBB. Please be aware that not all issues have been fixed in this version in order to provide easy to manage updates.
  • Vulnerabilities:
    • Medium risk: Possible SQL Injection in moderation tool
    • Low risk: Missing permission check in newreply.php
    • Low risk: Possible XSS Injection on login
    • Low risk: Possible XSS Injection in member validation
    • Low risk: Possible XSS Injection in User CP
    • Low risk: Possible XSS Injection in Mod CP logs
    • Low risk: Possible XSS Injection when editing users in Mod CP
    • Low risk: Possible XSS Injection when pruning logs in ACP
    • Low risk: Possibility of retrieving database details through templates
    • Low risk: Disclosure of ACP path when sending mails from ACP
    • Low risk: Low adminsid & sid entropy
    • Low risk: Clickjacking in ACP
    • Low risk: Missing directory listing protection in upload directories
Read More:http://blog.mybb.com/2016/03/11/mybb-1-8...7-release/

Download:https://www.mybb.com/download/

[Image: Yp8ZHSk.gif]

RE: MyBB 1.8.7

#2
Oh thanks for the update details.
Still no real change.

RE: MyBB 1.8.7

OP
#3
13-03-2016, 04:31 AM
GSHost Wrote:
Oh thanks for the update details.
Still no real change.

There were a lot of fixes for exploits. Good that mybb tries its best to be secure

[Image: Yp8ZHSk.gif]

RE: MyBB 1.8.7

#4
Yeah i mean that's really good about security fixes it's really important, but there is no big change in general.
Last updated was just some small fix for security too.

RE: MyBB 1.8.7

#5
Nice! Smile They're updating its security (y)

RE: MyBB 1.8.7

OP
#6
13-03-2016, 04:37 AM
GSHost Wrote:
Yeah i mean that's really good about security fixes it's really important, but there is no big change in general.
Last updated was just some small fix for security too.

That's why it's still at 1.8. Big changes should be around when 2.0 comes out. Lol its meant to be that way

[Image: Yp8ZHSk.gif]

RE: MyBB 1.8.7

#7
Still 1.8.7 has unfixed bugs which are sever and might get dangerous if done by professional attackers.

Who will use 2.0 ? it will break all plugins , all plugins will need recode .

whats so exciting for mybb 2.0 ?

RE: MyBB 1.8.7

OP
#8
14-03-2016, 11:31 AM
boson Wrote:
Still 1.8.7 has unfixed bugs which are sever and might get dangerous if done by professional attackers.

Who will use 2.0 ? it will break all plugins , all plugins will need recode .

whats so exciting for mybb 2.0 ?

Report those bugs to the developers and they will work on fixing it. It isnt a complete patch, and I never said it was perfect.

2.0 is going to add new core features for admins I'm guessing. Most plugins can probably be fixed with fixing the "18" with "20". And if not then the developers will fix them.

[Image: Yp8ZHSk.gif]

RE: MyBB 1.8.7

#9
changing compatibility "18" with "20" is not a fix, the core is rewritten so all hooks needs recode,lol

RE: MyBB 1.8.7

#10
Nothing really new added but still a great update.
Do not allow the eye to fool the mind.

Users browsing this thread: 6 Guest(s)