MyBB 1.8.5
SecurityMaintenance
code 1805
Full Package
Install a new MyBB forum or upgrade from older versions.
Changed Files
Upgrade from the previous version.
Upgrading to this Version
Before performing any upgrade, remember to backup your forum’s files and database and store them safely.
If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.
Follow the Upgrade Documentation for more detailed instructions.
Security Vulnerabilities Addressed (6)
Reset password code check could be circumvented in member.php
CWE-287
CVSS:3.1/PR:N
Reported by solati.sadegh
Sender email could be spoofed when sending an email to a user in member.php
CWE-345
CVSS:3.1/PR:L
Reported by onlinedevelopers
Permissions not checked for post search with old sid in search.php
CWE-284
CVSS:3.1/PR:N
Reported by pedder55655
Issues Resolved (58)
View issues on GitHubChanged Files ()
Changed Language Files (12)
There are changes to 12 language file(s). Changed languages files can be cross-referenced from the list above.Changed Templates (8)
codebuttons
modcp
postbit_attachments_images_image
postbit_attachments_thumbnails_thumbnail
private_advanced_search
private_send_tracking
reputation
usercp_profile_contact_fields