CVE-2018-19464

Discuz! X3.4 allows XSS via admin.php because admincp/admincp_setting.php and template\default\common\footer.htm mishandles statcode field from third-party stats code. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt