VYPR

Recipes

by Tandoor

Source repositories

CVEs (23)

  • CVE-2022-23073Jun 21, 2022
    risk 0.00cvss epss 0.01

    In Recipes, versions 1.0.5 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in copy to clipboard functionality. When a victim accesses the food list page, then adds a new Food with a malicious javascript payload in the ‘Name’ parameter and clicks on the…

  • CVE-2022-23072Jun 21, 2022
    risk 0.00cvss epss 0.01

    In Recipes, versions 1.0.5 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in “Add to Cart” functionality. When a victim accesses the food list page, then adds a new Food with a malicious javascript payload in the ‘Name’ parameter and clicks on the Add…

  • CVE-2022-23071Jun 19, 2022
    risk 0.00cvss epss 0.01

    In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the “Import Recipe” functionality. When an attacker enters the localhost URL, a low privileged attacker can access/read the internal file system to access sensitive information.

Page 2 of 2