CVE-2017-2127
MEDIUMYOP Poll <5.8.1 - XSS
Title source: llmDescription
Cross-site scripting vulnerability in YOP Poll versions prior to 5.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Scores
CVSS v3
5.4
EPSS
0.0013
EPSS Percentile
31.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
published
Affected Products (2)
yop-poll/yop_poll
< 5.8
YOP/YOP Poll
< versions prior to 5.8.1
Timeline
Published
Apr 28, 2017
Tracked Since
Feb 18, 2026