CVE-2022-23378

A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version of TastyIgniter. The "items%5B0%5D%5Bpath%5D" parameter of a request made to /admin/allergens/edit/1 is vulnerable.
References
Link Resource
https://github.com/TheGetch/CVE-2022-23378 Exploit Third Party Advisory
https://tastyigniter.com/ Product
Configurations

Configuration 1 (hide)

cpe:2.3:a:tastyigniter:tastyigniter:3.2.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-02-09 13:15

Updated : 2024-02-28 18:48


NVD link : CVE-2022-23378

Mitre link : CVE-2022-23378

CVE.ORG link : CVE-2022-23378


JSON object : View

Products Affected

tastyigniter

  • tastyigniter
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')