The open source MyBB discussion board software has been updated to version 1.6.5.
"According to its developers, the maintenance and security update includes several important feature changes and closes three security holes," The H Security reports.
"Vulnerabilities addressed by the update include a potential cross-site scripting (XSS) exploit and a cross-site request forgery (CSRF) issue, as well as an unparsed user avatar in the buddy list," the article states. "The developers advise users to backup their forum's files and database before upgrading to the new version."
Go to "MyBB update adds features, closes holes" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.