Stored XSS vulnerability in Amazing Little Poll, affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the “lp_admin.php” file in the “question” and “item” parameters. This vulnerability could lead to malicious JavaScript execution while the page is loading.
CPE | Name | Operator | Version |
---|---|---|---|
amazing_little_poll | eq | 1.4 | |
amazing_little_poll | eq | 1.3 |