MyBB 1.8.11

SecurityMaintenance

code 1811

Full Package

Install a new MyBB forum or upgrade from older versions.

.zip – 2.1 MB

Download from MyBB.com

sha512:

9db6ec3894cd66a26dffb5682109e25073148f1c885f2e0638be8c7d95eb2ba5e16db6dc66087431e919d849acdb7c2c11c95e247e99f6f8f44bcc19fe721015

More checksums…

sha256:

c95cf770fffb37f811bee17a828cea8f0c789f22069c1783f3fb6f567fa7ca43

sha1:

5ca8bf23a8efe0940bfe3c6fba852676144ea134

md5:

d4d3de795b69b076264a007e7a989f64

Changed Files

Upgrade from the previous version.

.zip – 0.56 MB

Download from MyBB.com

sha512:

4d9018f2e1f286dd447e4c4db0ba9be18b1c407ed63272711d11deb6a09d7e301967917d465e368d8ebdd046cc0c7c5a23308b8ed72f8d5f9e9307ba6a81f8e3

More checksums…

sha256:

f3a50f31dc6045e63ccad826fd4fa35f1240891238f4fbcdaeb724835cd58f4d

sha1:

323bec46d3da051fe5e9899e1a4ffdd8e538b5f5

md5:

f99cdecf3d96c8c39441c81d8468e4f6

How to verify packages

Upgrading to this Version

Before performing any upgrade, remember to backup your forum’s files and database and store them safely.

If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.

Follow the Upgrade Documentation for more detailed instructions.

Security Vulnerabilities Addressed (3)

High risk

XSS Injection in Email MyCode

CWE-79 CVSS:3.1/PR:N Reported by Zhiyang Zeng Tencent security platform department

Medium risk

SSRF protection can be bypassed

CWE-918 CVSS:3.1/PR:L Reported by Orange Tsai DEVCORE , Jasveer Singh SEC Consult Vulnerability Lab

Low risk

Directory Traversal in smilie module

CWE-22 CVSS:3.1/PR:H Reported by Zhiyang Zeng Tencent security platform department

Issues Resolved (32)

View issues on GitHub

Changed Files ()

Changed Language Files (5)

There are changes to 5 language file(s). Changed languages files can be cross-referenced from the list above.

Changed Templates (6)

  • footer_languageselect
  • footer_themeselect
  • modcp_announcements_announcement
  • modcp_announcements_announcement_global
  • portal_search
  • video_liveleak_embed