XSS Vulnerability in DiscuzX X3.4 via appid Parameter in delete Action

XSS Vulnerability in DiscuzX X3.4 via appid Parameter in delete Action

CVE-2018-5375 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_space.php appid parameter in a delete action.

Learn more about our Web Application Penetration Testing UK.