Cross-site Scripting (XSS) - DOM in tastyigniter/tastyigniter

Valid

Reported on

Jan 26th 2022

Description

TastyIgniter provides a professional and reliable platform for restaurants wanting to offer online food ordering and table reservation to their customers. this is vulnerable for stored xss

Proof of Concept

Imgur

Impact

This vulnerability is capable of Stored XSS

We are processing your report and will contact the tastyigniter team within 24 hours. a year ago

We have contacted a member of the tastyigniter team and are waiting to hear back a year ago

We have sent a follow up to the tastyigniter team. We will try again in 7 days. a year ago

We have sent a second follow up to the tastyigniter team. We will try again in 10 days. a year ago

A tastyigniter/tastyigniter maintainer validated this vulnerability a year ago

Abdul muhaimin has been awarded the disclosure bounty

The fix bounty is now up for grabs

We have sent a fix follow up to the tastyigniter team. We will try again in 7 days. a year ago

We have sent a second fix follow up to the tastyigniter team. We will try again in 10 days. a year ago

We have sent a third and final fix follow up to the tastyigniter team. This report is now considered stale. a year ago

A tastyigniter/tastyigniter maintainer marked this as fixed in 3.3.0 with commit 992d4c a year ago

The fix bounty has been dropped

This vulnerability will not receive a CVE

jhond0e

commented 9 months ago

always active on demo

to join this conversation