3 matches found
CVE-2022-34618
A stored cross-site scripting XSS vulnerability in Mealie 1.0.0beta3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the recipe description text field...
CVE-2022-34618
A stored cross-site scripting XSS vulnerability in Mealie 1.0.0beta3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the recipe description text field...
CVE-2022-34618
CVE-2022-34618 is a stored XSS in Mealie 1.0.0beta3 where a crafted payload in the recipe description text field executes scripts/HTML. Affected component: Mealie web app; root cause: input not sanitized in description field leading to stored XSS. Exploitation details in the linked Red Hat entry ...