CVE-2018-19464

CVE-2018-19464

Discuz! X3.4 allows XSS via admin.php because admincp/admincp_setting.php and templatedefaultcommonfooter.htm mishandle s statcode field from third-party stats code.

Source: CVE-2018-19464