3 matches found
CVE-2022-23378
A Cross-Site Scripting XSS vulnerability exists within the 3.2.2 version of TastyIgniter. The "items%5B0%5D%5Bpath%5D" parameter of a request made to /admin/allergens/edit/1 is vulnerable...
CVE-2022-23378
A Cross-Site Scripting XSS vulnerability exists within the 3.2.2 version of TastyIgniter. The "items%5B0%5D%5Bpath%5D" parameter of a request made to /admin/allergens/edit/1 is vulnerable...
CVE-2022-23378
CVE-2022-23378 affects TastyIgniter 3.2.2. The XSS exists in the items[0][path] parameter of requests to /admin/allergens/edit/1, as documented by NVD/Red Hat entries. CVSS vectors: CVSS2/AV:N/AC:M/Au:S/C:N/I:P/A:N (3.5 base) and CVSS3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N (5.4 base). No remediat...