CVE-2023-6769 Information

Description

Stored XSS vulnerability in Amazing Little Poll affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the \lp_admin.php\ file in the \question\ and \item\ parameters. This vulnerability could lead to malicious JavaScript execution while the page is loading.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amazing-little-poll