MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > Can someone explain me these 3 terms
Full Version: Can someone explain me these 3 terms
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

instaleech

2015-01-02, 08:49 PM
I am interesting in learning to secure my forum but I cannot completely understand the following terms
  • Low Risk
  • Medium Rik
  • High RiskĀ 
Whenever I read them on bug fixes I cannot understand if for example a low risk sqli has been found does it mean that the attacker has a low change of SQLing my site. etc... for medium, high change of hacking into my site.
Am I in the wrong direction do those terms mean anything else.

Nathan Malcolm

2015-01-02, 09:00 PM
Low risk usually means additional access is required, e.g. access to the Admin CP, or while it doesn't pose a direct threat it could aid an attacker in exploiting your forum (e.g. Full path disclosure).

Medium risk means a significant issue which needs to be patched or it could put your forum or users at risk.

High risk means you're pretty much screwed if you don't upgraded ASAP.

Hint: Always upgrade to the latest stable release of the series.
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > Can someone explain me these 3 terms