>> MyBB 1.8.6 Cross Site Request Forgery / Weak Hashing

USER: deepcore // DATE: 2016-09-17 15:55 // MODIFIED: 2016-09-17

MyBB version 1.8.6 suffers from a cross site request forgery vulnerability. Additionally, it stores passwords using weak hashing and sends password in clear text via email.