MyBB 1.8.3 was released on 20 November 2014.
MyBB 1.8.3 is a security release and fixes 1 high risk vulnerability, 2 medium risk vulnerabilities and 3 low risk vulnerabilities.
- Vulnerabilities fixed:
- High Risk: A SQL injection vulnerability in theme selection (reported by StefanT)
- Medium Risk: A XSS vulnerability in calender.php (reported by -Acid)
- Medium Risk: A XSS vulnerability in MyCode editor (reported by My-BB.Ir)
- Low Risk: A XSS vulnerability related to post icons (reported by Destroy666)
- Low Risk: unserialize may call PHP magic methods (reported by chtg)
- Low Risk: PHP setting request_order can break register globals handling (reported by chtg)
- Bugs fixed:
The following files have changed since MyBB 1.8.2.
There are no changes to language files.
There are no changes to templates.