CNNVD-202602-1889 Information

CNNVD ID

CNNVD-202602-1889

Related CVE

CVE-2025-70296

• CNNVD Published: 2026-02-11

Description (Chinese)

Mealie是美国Hayden个人开发者的一个自托管的食谱管理器和膳食计划器。 Mealie 3.3.1版本存在安全漏洞，该漏洞源于Recipe Notes渲染组件存在存储型HTML注入，可能导致用户界面伪装。

Description (English)

Mealie is a self-hosted recipe manager and diet planner for Hayden personal developers in the United States. There is a security loophole in the Mealie 3.3.1 version, which stems from the storage-type HTML injection of the Recipe Notes rendering component, which may lead to the user interface disguise.

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-02-11

Last Modified

2026-02-24

References

https://github.com/chrisWalker11/Cves/blob/main/CVE-2025-70296/CVE-2025-70296.md https://github.com/mealie-recipes/mealie/issues/6690 https://github.com/mealie-recipes/mealie/pull/6743