CVE-2018-5259

HIGH

Discuz! DiscuzX X3.4 - Auth Bypass

Title source: llm

Description

Discuz! DiscuzX X3.4 allows remote authenticated users to bypass intended attachment-deletion restrictions via a modified aid parameter.

Exploits (1)

References (2)

Scores

CVSS v3 8.8
EPSS 0.0041
EPSS Percentile 61.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
discuz/discuzx x3.4
Published Jan 08, 2018
Tracked Since Feb 18, 2026