MyBB 1.6.2 is a security update to the 1.6 series. It fixes 2 medium risk security vulnerabilities and one low risk issue. We recommend everybody upgrades to this release as soon as possible – or patch their boards with the manual instructions in the blog post for this release.
MyBB 1.4.15 is also a security update to the 1.4 series which is affected by the same vulnerabilities.
Thank you to MustLive (Websecurity), MattRogowski and Max Roth for alerting us of these issues.
What's fixed in this version?
The medium-risk issue reported by Max Roth requires HTML in posts to be enabled in a forum. This issue was fixed as part of Issue #1422. Even if you don't have HTML enabled in posts, it is still recommended to update to resolve this issue.
Full details of this release including a changed file zip, are available in the release announcement.
Once again, thank you for your continued support.
MyBB Group