CVE-2025-56795 | hay-kot Mealie up to 3.0.1 /api/recipes/ note/text cross site scripting (Issue 5677)

Inserito da Angelo Barbosa | Set 29, 2025 | CVE

A vulnerability labeled as problematic has been found in hay-kot Mealie up to 3.0.1. This vulnerability affects unknown code of the file /api/recipes/. Such manipulation of the argument note/text leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-56795. The attack can be launched remotely. No exploit exists.

It is advisable to implement a patch to correct this issue.

CVE-2025-56795 | hay-kot Mealie up to 3.0.1 /api/recipes/ note/text cross site scripting (Issue 5677)

Post correlati

CVE-2025-9798 | Netcad Netigma prior 6.3.5 V8 cross site scripting

CVE-2025-5444 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_UpgradeFWByBBS type/ch/ssidhex/security/extch/pwd/mode/ip/nm/gw os command injection

CVE-2025-22641 | Prem Tiwari FM Notification Bar Plugin up to 1.0.2 on WordPress cross site scripting

CVE-2025-55558 | PyTorch 2.7.0 torch.nn.Conv2d denial of service