Related vulnerability
Title: Mealie security vulnerability (CVE-2025-56795)
Description: Mealie is a self-hosted recipe manager and meal planner from the individual US developer Hayden. Mealie versions 3.0.1 and earlier contain a security vulnerability: user input in the note and text fields of the recipe creation feature is neither sanitized nor escaped, which can lead to stored cross-site scripting (XSS).
Description
Stored Cross-Site Scripting (XSS) vulnerability affecting the recipe creation functionality in Mealie versions up to 3.0.1.
Introduction
# CVE-2025-56795
## Description
Two stored Cross-Site Scripting (XSS) vulnerabilities were identified in the recipe creation functionality of **Mealie**, affecting all versions up to and including **3.0.1**.
Unsanitized user input provided during recipe creation is stored and later rendered in the frontend without proper escaping, resulting in persistent XSS.
---
## Affected Fields
During the creation of a new recipe, the following fields are vulnerable:
1. **Ingredient Notes (`note` parameter):**
Input in this field is stored and later rendered in the recipe detail view, allowing the execution of injected JavaScript payloads.
2. **Instruction Text (`text` parameter):**
Input in this field is also stored and rendered in the recipe detail view, leading to JavaScript execution when the recipe is viewed.
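The root cause described above is that the `note` and `text` values are rendered as markup instead of as text. The following is an added example, not Mealie's own frontend code: it shows a minimal output-escaping routine applied to both fields at render time, plus a small helper an operator could run over already-stored recipes to spot markup-bearing values that deserve review after upgrading. The recipe object shape (`ingredients`, `instructions`) and the sample values are constructed for illustration and do not reflect Mealie's actual data model.

```javascript
// Added example (not Mealie's code). Escape untrusted recipe fields before they
// are inserted into HTML so stored content is displayed as text, not markup.
// Field names `note` and `text` follow the advisory; the surrounding recipe
// structure is a constructed illustration, not Mealie's real schema.

const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Escape the five characters that can change HTML parsing context.
// Non-string and nullish values are coerced to a string first.
function escapeHtml(value) {
  return String(value ?? '').replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Render ingredient notes and instruction text into an HTML fragment.
// Every user-controlled value goes through escapeHtml; nothing is interpolated raw.
function renderRecipeDetail(recipe) {
  const ingredients = recipe.ingredients
    .map((ing) => `<li>${escapeHtml(ing.note)}</li>`)
    .join('');
  const instructions = recipe.instructions
    .map((step) => `<li>${escapeHtml(step.text)}</li>`)
    .join('');
  return `<ul class="ingredients">${ingredients}</ul><ol class="instructions">${instructions}</ol>`;
}

// Review helper for stored data: list the fields whose value contains
// angle brackets, so an operator can audit existing recipes after patching.
// Returns dotted paths into the recipe object, ingredients first.
function findSuspiciousFields(recipe) {
  const hits = [];
  recipe.ingredients.forEach((ing, i) => {
    if (/[<>]/.test(ing.note ?? '')) hits.push(`ingredients[${i}].note`);
  });
  recipe.instructions.forEach((step, i) => {
    if (/[<>]/.test(step.text ?? '')) hits.push(`instructions[${i}].text`);
  });
  return hits;
}

// Constructed sample recipe: one benign note, one note and one instruction
// carrying markup of the kind the advisory describes.
const SAMPLE_RECIPE = {
  name: 'Example recipe',
  ingredients: [
    { note: '2 cups flour' },
    { note: '<script>alert("note")</script>' },
  ],
  instructions: [
    { text: 'Mix <b>well</b>' },
  ],
};

console.log(renderRecipeDetail(SAMPLE_RECIPE));
console.log('fields to review:', findSuspiciousFields(SAMPLE_RECIPE));
```

In a Vue-based frontend the same effect is obtained by binding the values with text interpolation (`{{ }}`) or `v-text` rather than `v-html`; the escaping function above is the equivalent for any place that builds HTML strings by hand.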
---
## Proof of Concept
**Screenshot showing the vulnerable parameters in the JSON response after creating a new recipe:**
<div align="center">
<img width="700" height="612" alt="create_recipe_response" src="https://github.com/user-attachments/assets/226b2c88-7d03-4f91-8840-1ac4554f2f82" />
</div>
**Browser alert triggered via the `note` parameter (“First Stored XSS”):**
<div align="center">
<img width="700" height="600" alt="xss_note_popup" src="https://github.com/user-attachments/assets/33abaa1c-7ba3-464d-88a6-a25f961c4a98" />
</div>
**Browser alert triggered via the `text` parameter (“Second Stored XSS”):**
<div align="center">
<img width="700" height="479" alt="xss_instruction_popup" src="https://github.com/user-attachments/assets/071bf3ed-daa9-40d1-a953-cf7d65a1dec8" />
</div>
---
## References
- [MITRE CVE Record](https://www.cve.org/CVERecord?id=CVE-2025-56795)
- [GitHub Issue – Vulnerability Report](https://github.com/mealie-recipes/mealie/issues/5677)
- [GitHub Pull Request – Fix](https://github.com/mealie-recipes/mealie/pull/5754)
File snapshot
[4.0K] /data/pocs/b62284a61f9b71db88c437d7c5cc0c59bf565dca
└── [1.9K] README.md
1 directory, 1 file