MyBB

2009.6.29
MyBB 1.4.8 released - maintenance and security updates
1. A low-level XSS vulnerability fix in thin archive mode. The reason why it is marked as low-level is because it requires moderator permissions. This vulnerability was discovered and reported to us by frostschutz.
2. Fixed a medium-level XSS vulnerability in attachment operations. This vulnerability was reported to us by frostschutz.
Please note that this patch will cancel the method of opening certain types of attachments directly in the browser (such as movies in QuickTime format). The new method will be that the browser will pop up a dialog box asking whether to download.
3.Correction of other bugs.