Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
TandoorRecipes

3 matches found

CVE
CVEadded 2025/01/28 4:15 p.m.63 views

CVE-2025-23211

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. A Jinja2 SSTI vulnerability allows any user to execute commands on the server. In the case of the provided Docker Compose file as root. This vulnerability is fixed in 1.5.24.

9.9CVSS9.5AI score0.00864EPSS
CVE
CVEadded 2025/01/28 4:15 p.m.45 views

CVE-2025-23213

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. The file upload feature allows to upload arbitrary files, including html and svg. Both can contain malicious content (XSS Payloads). This vulnerability is fixed in 1.5.28.

8.7CVSS8.6AI score0.00042EPSS
CVE
CVEadded 2025/01/28 4:15 p.m.42 views

CVE-2025-23212

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. The external storage feature allows any user to enumerate the name and content of files on the server. This vulnerability is fixed in 1.5.28.

7.7CVSS7.5AI score0.00098EPSS