3 matches found
CVE-2022-34619
A stored cross-site scripting XSS vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text field...
CVE-2022-34619
A stored cross-site scripting XSS vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text field...
CVE-2022-34619
Mealie v0.5.5 is affected by CVE-2022-34619: a stored XSS vulnerability allows attackers to execute arbitrary scripts/HTML via crafted payloads in the Shopping Lists item names field. Root cause: stored XSS in user-provided text. Impact: potential client-side script execution. Remediation: not sp...