Reflected XSS Vulnerability in Discuz! DiscuzX through X3.4 via forum.php?mod=post&action=newthread

Reflected XSS Vulnerability in Discuz! DiscuzX through X3.4 via forum.php?mod=post&action=newthread

CVE-2018-10298 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Discuz! DiscuzX through X3.4 has reflected XSS via forum.php?mod=post&action=newthread because data/template/1_diy_portal_view.tpl.php does not restrict the content.

Learn more about our Web Application Penetration Testing UK.