Vulnerabilities > Mealie Project > Mealie > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-02 | CVE-2022-34619 | Cross-site Scripting vulnerability in Mealie Project Mealie 0.5.5 A stored cross-site scripting (XSS) vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text field. | 5.4 |
| 2022-08-02 | CVE-2022-34618 | Cross-site Scripting vulnerability in Mealie Project Mealie 1.0.0 A stored cross-site scripting (XSS) vulnerability in Mealie 1.0.0beta3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the recipe description text field. | 5.4 |