+- MyBB Source (http://mybbsource.com)
+-- Forum: MyBBSource Discussion (/forum-3.html)
+--- Forum: Announcements (/forum-4.html)
+---- Forum: Archived Announcements (/forum-55.html)
+---- Thread: MyBB 1.6.5 Released! (/thread-5972.html)
MyBB 1.6.5 Released! - Nickman - 12-06-2011 12:47 PM
In 1.6.5, there are 3 vulnerabilities and over 70 reported issues fixed. Please be aware that not all of the existing problems have been fixed in this version.
Vulnerabilities:
Non Critical: Unparsed user avatar in the buddy list – reported by labrocca
Non Critical: Potential XSS vulnerability validating usernames via AJAX – reported by Will G
Low Risk: CSRF vulerability in ?language – reported by Nathan Malcolm (Issue #1729)
Thanks to everyone who helped find and resolve the issues!
Fixed issues in 1.6.5
Unfixed issues
There are also over 10 new feature updates in 1.6.5.
[More Info]