MyBB 1.8.22

code 1822

SecurityMaintenance

Full Package

Install a new MyBB forum or upgrade from older versions.

.zip – 2.13 MB

Download from MyBB.com Download from GitHub

sha512:

dad3dad5d443cd7e811ac314d1ef133aa05bb09e2953a92c8188a6d6a65e0147daf8712138f9fba65fff159e653c074847021cef15651ac117e28f80ef5b9c65

sha256:

645a48550d484a4042a355ad71238e76e96c728368002853626bd5b937f72f64

sha1:

d9773530d8aa269cfb83a5665020d098e0cd674d

md5:

45892177d4551031dcc2ed83bedca5bc

Changed Files

Upgrade from the previous version.

.zip – 0.87 MB

Download from MyBB.com Download from GitHub

sha512:

487fbbcd8bb83e7a3087118f2444c759e00df7f111af07f94e410e435f55b41cd8f50b13417963e9cea008d989944e2cfed2d52eda9b84914e7646e3dc03980d

sha256:

dccd77fd8afc596b877c6d94a199f6cc89a70f64aa305a7f1a3dd267b251ef38

sha1:

598ba7961161b872d0b1db41a47a16bc2e678822

md5:

bee75dced8f0a18a4a13e7cf95e5551b

How to verify packages

Important Notes

Running the upgrade script is required.

Before performing any upgrade please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.

Follow the Upgrade Documentation for more detailed instructions.

Note: this version removes the discontinued “Yahoo” profile field, which may have been customized for other purposes.

Security Vulnerabilities Addressed (5)

CWE-94 CVSS:3.1/PR:N High risk

Installer RCE on settings file write

Reported by yelang123 Stealien

CWE-94 CVSS:3.1/PR:H Medium risk

Arbitrary upload paths & Local File Inclusion RCE

Reported by CNCERT

CWE-79 CVSS:3.1/PR:H Medium risk

XSS via insufficient HTML sanitization of Blog feed & Extend data

Reported by Devilshakerz MyBB Team

CWE-601 CVSS:3.1/PR:N Low risk

Open redirect on login

Reported by Jyoti Raval Qualys

CWE-79 CVSS:3.1/PR:N Low risk

SCEditor reflected XSS

Reported by Cillian Collins, bl4ckh4ck5

Issues Resolved (36)

View issues on GitHub

Changed Files ()

Changed Language Files (16)

There are changes to 16 language file(s). Changed languages files can be cross-referenced from the list above.

Changed Templates (17)

  • codebuttons
  • forumdisplay_searchforum
  • header_quicksearch
  • member_profile_contact_details
  • member_referral_row
  • member_referrals
  • member_referrals_popup
  • memberlist_search
  • modcp_editprofile
  • moderation_inline_movethreads
  • portal_search
  • post_attachments
  • post_javascript
  • search
  • showthread
  • usercp_changename
  • usercp_profile_contact_fields
Copyright © 2002-2020 MyBB Group