Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in index.php in M2Scripts MySpace Scripts Poll Creator allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) intro, and (3) question parameters, and (4) unspecified answer parameters, in a create_new action. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MySpace Poll Creator index.php HTML代码注入漏洞
Vulnerability Description
MySpace是是全球最大的社区交友网站,该网站所使用的Poll Creator脚本是用于创建投票的工具。 MySpace在处理用户请求参数时存在漏洞,远程攻击者可能利用此漏洞在用户浏览器中执行恶意代码。 如果将action设置为create_new的话,MySpace的Poll Creator脚本中的index.php文件就无法正确地验证title、intro、question、answer等参数的输入。当用户查看恶意数据时,就会注入任意HTML和脚本代码并在用户浏览器会话中执行。
CVSS Information
N/A
Vulnerability Type
N/A