Vulnerabilities > CVE-2018-20423 - Unspecified vulnerability in Comsenz Discuzx X3.4
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
comsenz
Summary
Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to bypass a "disabled registration" setting by adding a non-existing wxopenid value to the plugin.php ac=wxregister query string.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |