MyBB 1.8.19 is now available, and is a security & maintenance release.

This update includes improved compatibility with PostgreSQL and resolves regressions from previous versions. Administrators may need to update CSS code in global.css for customized themes.

• 4 security vulnerabilities addressed:
  • High risk: Email field SQL Injection — reported by StefanT
  • Medium risk: Video MyCode Persistent XSS in Visual Editor — reported by Numan OZDEMIR of InfinitumIT
  • Low risk: Insufficient permission check in User CP’s attachment management — reported by StefanT
  • Low risk: Insufficient email address verification — reported by StefanT
• 8 issues resolved

Check Release Notes for a list of changes to language files, templates and unresolved issues.

Get latest MyBB Full & Upgrade Packages →

The MyBB Project extends thanks to reporters and researchers following responsible disclosure.
Go to mybb.com/security to report possible security concerns or to learn more about security research at MyBB.
If you would like to contribute to the Project, Get Involved.

Thanks,
MyBB Team