MyBB 1.8.20
SecurityMaintenance
code 1820
Full Package
Install a new MyBB forum or upgrade from older versions.
.zip – 2.15 MB
Download from MyBB.com Download from GitHub.com (mirror)sha512:
68d5bcd26cf808bf90414e569cfee91e6ad158ee73cdb8ce7dc3a87a0b883b946674831b4fbbd9c6c81b25c20f802e8f6e303f128aeb5607f40c39b294a8d5e2
More checksums…
sha256:
ee96b3eac55ebbbdf86c2057d513c7b015a6d558c7fdf4f297084c3e2f73b212
sha1:
e3c73a4cf99dbb237c9aa8bce458fe2296acbdee
md5:
3d1a8c22874af72a1025709f5447f783
Changed Files
Upgrade from the previous version.
.zip – 0.85 MB
Download from MyBB.com Download from GitHub.com (mirror)sha512:
b2446331cc8b62fea579acb7e225344d23347d0e5fa9f3a49df8715aa31a14a29b38b1757f5f11d42983bd07fb59be4ac9b7ae09e6151b9a8f0a445bbb4566ec
More checksums…
sha256:
31b21c008d63f655f80572fffd8d7c1c465c346580cf920a1535443893766cb7
sha1:
80c0af41e9148bc84ef7558d6f20d9c859279c9a
md5:
d9377988fdef5e19d105afe7db141543
Upgrading to this Version
To upgrade: copy and overwrite the files, and run the install/
upgrade script.
Before performing any upgrade, remember to backup your forum’s files and database and store them safely.
If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.
Follow the Upgrade Documentation for more detailed instructions.
Security Vulnerabilities Addressed (5)
ModCP Profile Editor username reflected XSS
CWE-79
CVSS:3.1/PR:L
Reported by Jovan Zivanovic
MaTRIS Research Group, SBA Research
Predictable CSRF token for guest users
CWE-352
CVSS:3.1/PR:N
Reported by Devilshakerz
MyBB Team
Reset Password username enumeration via email
CWE-200
CVSS:3.1/PR:N
Reported by Abdullah Md. Shaleh
Issues Resolved (42)
View issues on GitHubChanged Files ()
Changed Language Files (9)
There are changes to 9 language file(s). Changed languages files can be cross-referenced from the list above.Changed Templates (47)
announcement
codebuttons
editpost
footer
footer_showteamlink
forumdisplay
forumdisplay_threadlist
forumdisplay_threadlist_subscription
global_modqueue
global_modqueue_notice
global_unreadreports
header
headerinclude
index_boardstats
member_no_referrals
member_profile
member_profile_modoptions_manageban
member_profile_modoptions_manageuser
member_profile_referrals
member_referral_row
member_referrals
member_referrals_link
member_referrals_popup
member_resendactivation
member_resetpassword
memberlist
memberlist_search
modal
modal_button
modcp_announcements_edit
modcp_announcements_new
modcp_modqueue_posts
modcp_modqueue_threads
newreply
newthread
post_attachments_attachment
post_javascript
private
private_orderarrow
private_read
private_send
reputation
search
showthread
usercp_editlists
usercp_forumsubscriptions_forum
warnings_warn_pm
This release includes allowing users to see their unapproved content and view user referrals; compatibility with PHP >= 7.2 has been improved and jQuery has been upgraded to 3.0.0, which might affect custom JavaScript code in plugins and themes.