Cross-site Scripting (XSS) - DOM in tastyigniter/tastyigniter

Valid

Reported on

Jan 26th 2022


Description

TastyIgniter provides a professional and reliable platform for restaurants wanting to offer online food ordering and table reservation to their customers. this is vulnerable for stored xss

Proof of Concept

Imgur

Impact

This vulnerability is capable of Stored XSS

We are processing your report and will contact the tastyigniter team within 24 hours. 2 years ago
We have contacted a member of the tastyigniter team and are waiting to hear back 2 years ago
We have sent a follow up to the tastyigniter team. We will try again in 7 days. 2 years ago
We have sent a second follow up to the tastyigniter team. We will try again in 10 days. 2 years ago
tastyigniter/tastyigniter maintainer validated this vulnerability 2 years ago
Abdul muhaimin has been awarded the disclosure bounty
The fix bounty is now up for grabs
We have sent a fix follow up to the tastyigniter team. We will try again in 7 days. 2 years ago
We have sent a second fix follow up to the tastyigniter team. We will try again in 10 days. 2 years ago
We have sent a third and final fix follow up to the tastyigniter team. This report is now considered stale. 2 years ago
tastyigniter/tastyigniter maintainer marked this as fixed in 3.3.0 with commit 992d4c a year ago
The fix bounty has been dropped
This vulnerability will not receive a CVE
jhond0e
a year ago

always active on demo

to join this conversation