MyBB 1.6.9 is now available from the MyBB website and is a security release for the 1.6 series.
What’s added/changed in this version?
It has come to our attention that there is an SQL injection vulnerability in all versions of MyBB, including MyBB 1.6.8. We advise all MyBB forum owners to upgrade their forum as soon as possible.
With thanks to frostschutz and StefanT for finding and reporting these issues.
Vulnerabilities fixed:
- High Risk: An SQL vulnerability when editing a post
- Medium Risk: CAPTCHA systems non effective, providing possible brute-force access
Bugs fixed:
- An issue with the editor not working in Firefox 16 and above
We apologise for any inconvenience.
TeamViewer DEX Vulnerabilities Let Attackers Trigger DoS Attack and Expose Sensitive Data
Zero-Day Flaws in Mazda’s Infotainment Expose Cars to Takeover Attacks
Forescout Uncovers Severe Systemic Security Risks in Global Solar Power Infrastructure