Discuz: >> Discuzx >> x3.4 Security Vulnerabilities
Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_space.php appid parameter in a delete action.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-01-12
Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2018-01-12
Discuz! DiscuzX X3.4 has XSS via the view parameter to include/space/space_poll.php, as demonstrated by a mod=space do=poll request to home.php.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-01-10
Discuz! DiscuzX X3.4 allows remote authenticated users to bypass intended attachment-deletion restrictions via a modified aid parameter.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-01-08