TastyIgniter 3.0.7 allows XSS via the name field during user-account creation
CVE-2021-38699 TastyIgniter 307 allows XSS via the name field during user-account creation
A Stored Cross Site Scripting Vulnerability exists in multiple pages of TastyIgniter v307 that allows for arbitrary execution of JavaScript cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2021-38699
Vulnerable Pages:
/account, /reservation, /admin/dashboard, /admin/system_logs
Vu