CVE-2010-4629

Name of the Vulnerable Software and Affected Versions MyBB versions prior to 1.4.12

Description The issue allows remote attackers to cause a denial of service by consuming resources. This is achieved by submitting join request forms for moderated groups using guest access. The problem is related to the usercp.php and managegroup.php files, which do not properly restrict uid values for group join requests.

Recommendations For versions prior to 1.4.12, update to version 1.4.12 or later to resolve the issue. As a temporary workaround, consider restricting guest access to submit join request forms for moderated groups until the update is applied.