CVE-2018-5376by Jeremyin Security Bulletinson Posted on January 12, 2018 Discuz! DiscuzX X3.4 has XSS via the includespacecpspacecp_upload.php op parameter.