漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Mealie 3.0.1 and earlier is vulnerable to Stored Cross-Site Scripting (XSS) in the recipe creation functionality. Unsanitized user input in the "note" and "text" fields of the "/api/recipes/{recipe_name}" endpoint is rendered in the frontend without proper escaping leading to persistent XSS.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mealie 安全漏洞
Vulnerability Description
Mealie是美国Hayden个人开发者的一个自托管的食谱管理器和膳食计划器。 Mealie 3.0.1及之前版本存在安全漏洞,该漏洞源于recipe creation功能中对note和text字段的用户输入未进行清理和转义,可能导致存储型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A