This exploit demonstrates a reflected XSS vulnerability in Discuz! 6.0.0 by injecting a malicious script via the 'tid' parameter in viewthread.php. The payload triggers an alert and displays a marquee, confirming the vulnerability.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Discuz! 6.0.0
No auth needed
Prerequisites:Access to a vulnerable Discuz! instance · User interaction to click the malicious link