CVE-2022-23072
CVE-2022-23072 : In Recipes (versions 1.0.5–1.2.5), a Stored XSS flaw exists in the Add to Cart flow. An attacker can inject a malicious payload via the Name parameter on the food list page, triggering the XSS when adding to the shopping cart. This could enable the attacker to capture the victim’...