Описание
Stored XSS vulnerability in Amazing Little Poll, affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the "lp_admin.php" file in the "question" and "item" parameters. This vulnerability could lead to malicious JavaScript execution while the page is loading.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mr-corner:amazing_little_poll:1.3:*:*:*:*:*:*:*
cpe:2.3:a:mr-corner:amazing_little_poll:1.4:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00155
Низкий
6.5 Medium
CVSS3
4.6 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.5
github
около 2 лет назад
Stored XSS vulnerability in Amazing Little Poll, affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the "lp_admin.php" file in the "question" and "item" parameters. This vulnerability could lead to malicious JavaScript execution while the page is loading.
EPSS
Процентиль: 36%
0.00155
Низкий
6.5 Medium
CVSS3
4.6 Medium
CVSS3
Дефекты
CWE-79