Discuz! DiscuzX through X3.4 has reflected XSS via forum.php?mod=post&action=newthread because data/template/1_diy_portal_view.tpl.php does not restrict the content.
References
Link | Resource |
---|---|
https://laworigin.github.io/2018/04/22/Discuz-x-portal-Stored-XSS/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:22:15
Updated: 2022-10-03T16:22:15
Reserved: 2022-10-03T00:00:00
Link: CVE-2018-10298
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-04-22T15:29:00.500
Modified: 2018-05-18T14:20:27.057
Link: CVE-2018-10298
JSON object: View
Redhat Information
No data.
CWE