The changes: http://blog.mybb.com/2015/05/27/mybb-1-8...5-release/
--
Vulnerabilities:
Medium Risk: Reset password code check could be circumvented in member.php reported by solati.sadegh
Medium Risk: Sender email could be spoofed when sending an email to a user in member.php reported by onlinedevelopers
Medium Risk: Permissions not checked for post search with old sid in search.php reported by pedder55655
Medium Risk: XSS in quick edit function of xmlhttp.php reported by TiberiusG
Low Risk: CSRF in ACP mass mail cancellation reported by Destroy666
Low Risk: Use of the U+200E Unicode character to create ?duplicate username reported by mahdy2021
--
Download: http://www.mybb.com/download/
:yus:
MyBB Releases
MyBB 1.8.5 IS HERE!
Submitted by Akay, 27-05-2015, 09:55 PM, Thread ID: 4207
Thread Closed