tastyigniter/TastyIgniter

tastyigniter/TastyIgniter

tastyigniter.com

Releases116

Frequency1 month 1 week

Last Release 4 months ago

Stars3.61K

:fire: Powerful, yet easy to use, open-source online ordering, table reservation and management system for restaurants

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-61417 ↗	Oct 20, 2025Monday, 20 October 2025, 15:15	8.8 HIGH	—
Cross-Site Scripting (XSS) vulnerability exists in TastyIgniter 3.7.7, affecting the /admin/media_manager component. Attackers can upload a malicious SVG file containing JavaScript code. When an administrator previews the file, the code executes in their browser context, allowing the attacker to perform unauthorized actions such as modifying the admin account credentials.
CVE-2022-0602 ↗	Apr 5, 2022Tuesday, 5 April 2022, 16:15	5.4 MEDIUM	3.5 LOW
Cross-site Scripting (XSS) - DOM in GitHub repository tastyigniter/tastyigniter prior to 3.3.0.