MyBB 1.6.5 released to Fix the 3 Vulnerabilities and 70 reported issues

MyBB 1.6.5 released to Fix the 3 Vulnerabilities and 70 reported issues, Mybb also added some extra features for the application. (Mybb is one of famous forum web application, available for free.) But not all of the existing problems have been fixed in this version.

Fixed Vulnerabilities:

• Non Critical: Unparsed user avatar in the buddy list – reported by labrocca
• Non Critical: Potential XSS vulnerability validating usernames via AJAX – reported by Will G
• Low Risk: CSRF vulerability in ?language – reported by Nathan Malcolm (Issue #1729)

Feature Updates

• Signature Control
• Find Users
• Custom Profile Fields
• Hidden CAPTCHA
• reCAPTCHA
• Reputation
• PM Override
• Parent Forum Lightbulbs
• Birthdays

Upgrading from 1.6.4 and Other Versions

Before performing any upgrade, please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again once the upgrade is complete.

If you have any plugins installed that limit signatures or provide reCAPTCHA, or might not be needed because of the new default settings available, it’s suggested to uninstall these before the upgrade. If you’re unsure, create a thread in the General Support section of the Community Forum with your plugin list and a useful member will be able to tell you the plugins that need to be disabled.
To upgrade, follow the Upgrading process. The upgrade script is required. There are also language and theme changes.

If you’re using MyBB 1.6.4

• Download and use the Changed Files Package
• Follow the Wiki Upgrading instructions

If you’re not using MyBB 1.6.4

• Download and use the full 1.6.5 release package
• Follow the Wiki Upgrading instructions