source: http://www.securityfocus.com/bid/9584/info It has been reported that Discuz! is prone to an Cross Site Scripting vulnerability. This issue is caused by the application failing to properly sanitize links embedded within user messages. Upon successful exploitation of this issue, a malicious user could steal cookie based authentication credentials or other information within the context of the affected web page. [img]http://a.gif');alert(document.cookie);a=escape=('a[/img]
Related ExploitsTrying to match CVEs (1): CVE-2004-0254
Trying to match OSVDBs (1): 3871
Other Possible E-DB Search Terms: Crossday Discuz! 2.0/3.0, Crossday Discuz!