Log In | Register
Skip to main content


Topic: MyBB 1.8.20 Released (Read 32 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.
MyBB 1.8.20 Released
  • 5 security vulnerabilities addressed:

    • Medium risk: Reset Password reflected XSS
    • Medium risk: ModCP Profile Editor username reflected XSS — reported by Jovan Zivanovic of MaTRIS Research Group, SBA Research
    • Low risk: Predictable CSRF token for guest users — reported by Devilshakerz of MyBB Team
    • Low risk: ACP Stylesheet Properties XSS — reported by Cillian Collins
    • Low risk: Reset Password username enumeration via email — reported by Abdullah Md. Shaleh
  • 42 issues resolved
For more detail on the release, check - MyBB 1.8.20 Released — Security & Maintenance Release

MyBB 1.8.20 Released
Reply #1
Good to see them regularly updated the software especially to fix security vulnerabilities.

MyBB 1.8.20 Released
Reply #2
Yes, but it would be also great if they make the forum software more responsive.