MyBB 1.8.3

code 1803

Security

Full Package

Install a new MyBB forum or upgrade from older versions.

.zip – 2.2 MB

Download from MyBB.com

md5:

1f5d1246da4174f3b29799eca435d86c

Changed Files

Upgrade from the previous version.

.zip – 0.20 MB

Download from MyBB.com

md5:

0bef95fee272b767c3c07584e7af410f

How to verify packages

Important Notes

The upgrade script does not need to be run when upgrading to this release with the Changed Files package.

Before performing any upgrade please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.

Follow the Upgrade Documentation for more detailed instructions.

Security Vulnerabilities Addressed (1)

CWE-89 CVSS:3.1/PR:N High risk

A SQL injection vulnerability in theme selection

Reported by StefanT MyBB Team

CWE-79 CVSS:3.1/PR:L Medium risk

A XSS vulnerability in calendar.php

Reported by -Acid

CWE-79 CVSS:3.1/PR:N Medium risk

A XSS vulnerability in MyCode editor

Reported by My-BB.Ir

CWE-79 CVSS:3.1/PR:H Low risk

A XSS vulnerability related to post icons

Reported by Destroy666 MyBB Team

CWE-502 CVSS:3.1/PR:N Low risk

unserialize may call PHP magic methods

Reported by chtg

CWE-473 CVSS:3.1/PR:N Low risk

PHP setting request_order can break register globals handling

Reported by chtg

Changed Files ()

Copyright © 2002-2020 MyBB Group