TheGetch/CVE-2022-23378
GitHub
Releases0
Authenticated reflected XSS in TastyIgniter version v3.2.2.
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 5.4 MEDIUM | 3.5 LOW | ||
A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version of TastyIgniter. The "items%5B0%5D%5Bpath%5D" parameter of a request made to /admin/allergens/edit/1 is vulnerable. | |||