Web star CMS Forum Community

CMS News

MyBB 1.8.20 출시 - 보안 및 유지 보수 릴리스

조회 수 6302 추천 수 0 2019.05.18 21:07:40

MyBB 1.8.20 출시 - 보안 및 유지 보수 릴리스

MyBB 1.8.20 is now available, and is a security & maintenance release.

This release includes allowing users to see their unapproved content and view user referrals; compatibility with PHP >= 7.2 has been improved and jQuery has been upgraded to 3.0.0, which might affect custom JavaScript code in plugins and themes.

  • 5 security vulnerabilities addressed:

    • Medium risk: Reset Password reflected XSS
    • Medium risk: ModCP Profile Editor username reflected XSS — reported by Jovan Zivanovic of MaTRIS Research Group, SBA Research
    • Low risk: Predictable CSRF token for guest users — reported by Devilshakerz of MyBB Team
    • Low risk: ACP Stylesheet Properties XSS — reported by Cillian Collins
    • Low risk: Reset Password username enumeration via email — reported by Abdullah Md. Shaleh
  • 42 issues resolved

Check Release Notes for a list of changes to language files, templates and unresolved issues.

Get latest MyBB Full & Upgrade Packages →

The MyBB Project extends thanks to reporters and researchers following responsible disclosure.
Go to mybb.com/security to report possible security concerns or to learn more about security research at MyBB.
If you would like to contribute to the Project, Get Involved.

MyBB Team


엮인글 :
List of Articles
번호 제목 글쓴이 날짜 조회 수
5 릴리즈 노트 [보안패치] XE 1.11.6 버전 배포 안내 시포 2019-11-12 720
4 [베타버전] 그누보드 5.4 [1] 시포 2019-05-19 397
» MyBB 1.8.20 출시 - 보안 및 유지 보수 릴리스 시포 2019-05-18 6302
2 phpBB 3.2.7 Release 시포 2019-05-18 13360
1 XE 3정식 버전 출시 시포 2019-05-16 734