The official MyBB Discussion Thread - Printable Version +- Makestation (https://makestation.net) +-- Forum: Technical Arts (https://makestation.net/forumdisplay.php?fid=45) +--- Forum: Web Design & Internet (https://makestation.net/forumdisplay.php?fid=62) +---- Forum: MyBB Related (https://makestation.net/forumdisplay.php?fid=120) +---- Thread: The official MyBB Discussion Thread (/showthread.php?tid=1258) |
The official MyBB Discussion Thread - Darth-Apple - November 14th, 2014 Since several members here are well acquainted with the software that this forum runs on, I feel it's only fair to have an official discussion thread on the topic (if people who feel other software is superior want to create their own, feel free xD) For those of you who have MyBB forums or who are members of forums running MyBB, the MyBB development team released 1.8.2 yesterday that fixes several vulnerabilities, including three serious vulnerabilities that can be exploited on the software's front end. Needless to say, both this forum and chatcave have been updated. According to the announcement, MyBB 1.6.15 was not affected by these vulnerabilities. Everyone seemed surprised when an extremely low risk XSS vulnerability was fixed in phpBB 3.1, and it seems MyBB 1.8 has had quite a few security issues so far going back from its beta days. Hopefully there won't be too many more vulnerabilities that will need to be patched. RE: The official MyBB Discussion Thread - Darth-Apple - November 15th, 2014 http://blog.mybb.com/2014/11/15/github-account-compromised/ This is starting to get ridiculous. Luckily, the last time I accessed the admin CP was yesterday morning, and I can confirm we weren't attacked. This isn't even the first time this has happened for MyBB though. I hope that they can improve the security of their software soon. I can't really see MS running on anything else at the moment. |