Security Advisory

CVE-2025-70296

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-11 00:00:00

Last updated 2026-02-12 21:02:53

Assigner mitre

State PUBLISHED

Description

A stored HTML injection vulnerability in the Recipe Notes rendering component in Mealie 3.3.1 allows remote authenticated users to inject arbitrary HTML, resulting in user interface redressing within the recipe view.

← Browse all CVEs View on cve.org ↗