{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-35046", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-31T21:06:06.428Z", "datePublished": "2026-04-06T17:20:00.579Z", "dateUpdated": "2026-04-07T15:59:42.719Z"}, "containers": {"cna": {"title": "Tandoor has a Stored CSS Injection via <style> Tag in Recipe Instructions (API-Level)", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-9hhh-g2fc-r8x2", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-9hhh-g2fc-r8x2"}, {"name": "https://github.com/TandoorRecipes/recipes/releases/tag/2.6.4", "tags": ["x_refsource_MISC"], "url": "https://github.com/TandoorRecipes/recipes/releases/tag/2.6.4"}], "affected": [{"vendor": "TandoorRecipes", "product": "recipes", "versions": [{"version": "< 2.6.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-06T17:20:00.579Z"}, "descriptions": [{"lang": "en", "value": "Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, Tandoor Recipes allows authenticated users to inject arbitrary <style> tags into recipe step instructions. The bleach.clean() sanitizer explicitly whitelists the <style> tag, causing the backend to persist and serve unsanitized CSS payloads via the API. Any client consuming instructions_markdown from the API and rendering it as HTML without additional sanitization will execute attacker-controlled CSS \u2014 enabling UI redressing, phishing overlays, visual defacement, and CSS-based data exfiltration. This vulnerability is fixed in 2.6.4."}], "source": {"advisory": "GHSA-9hhh-g2fc-r8x2", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-9hhh-g2fc-r8x2", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-07T15:19:12.515080Z", "id": "CVE-2026-35046", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-07T15:59:42.719Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-35046", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-07T15:19:12.515080Z"}}}], "references": [{"url": "https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-9hhh-g2fc-r8x2", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-07T15:19:22.905Z"}}], "cna": {"title": "Tandoor has a Stored CSS Injection via <style> Tag in Recipe Instructions (API-Level)", "source": {"advisory": "GHSA-9hhh-g2fc-r8x2", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "TandoorRecipes", "product": "recipes", "versions": [{"status": "affected", "version": "< 2.6.4"}]}], "references": [{"url": "https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-9hhh-g2fc-r8x2", "name": "https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-9hhh-g2fc-r8x2", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/TandoorRecipes/recipes/releases/tag/2.6.4", "name": "https://github.com/TandoorRecipes/recipes/releases/tag/2.6.4", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, Tandoor Recipes allows authenticated users to inject arbitrary <style> tags into recipe step instructions. The bleach.clean() sanitizer explicitly whitelists the <style> tag, causing the backend to persist and serve unsanitized CSS payloads via the API. Any client consuming instructions_markdown from the API and rendering it as HTML without additional sanitization will execute attacker-controlled CSS \u2014 enabling UI redressing, phishing overlays, visual defacement, and CSS-based data exfiltration. This vulnerability is fixed in 2.6.4."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-06T17:20:00.579Z"}}}, "cveMetadata": {"cveId": "CVE-2026-35046", "state": "PUBLISHED", "dateUpdated": "2026-04-07T15:59:42.719Z", "dateReserved": "2026-03-31T21:06:06.428Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-06T17:20:00.579Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tandoor:recipes:*:*:*:*:*:*:*:*", "matchCriteriaId": "D29C4837-2650-4BEF-A332-657E7D593877", "versionEndExcluding": "2.6.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, Tandoor Recipes allows authenticated users to inject arbitrary <style> tags into recipe step instructions. The bleach.clean() sanitizer explicitly whitelists the <style> tag, causing the backend to persist and serve unsanitized CSS payloads via the API. Any client consuming instructions_markdown from the API and rendering it as HTML without additional sanitization will execute attacker-controlled CSS \u2014 enabling UI redressing, phishing overlays, visual defacement, and CSS-based data exfiltration. This vulnerability is fixed in 2.6.4."}], "id": "CVE-2026-35046", "lastModified": "2026-04-10T18:33:43.150", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-06T18:16:42.287", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/TandoorRecipes/recipes/releases/tag/2.6.4"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-9hhh-g2fc-r8x2"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-9hhh-g2fc-r8x2"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.6.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "recipes", "source": "cna", "vendor": "TandoorRecipes"}, "product": "recipes", "vendor": "tandoorrecipes"}], "analysis": {"en": {"generated_at": "2026-04-10T19:28:29.847606+00:00", "value": {"mitigation_remediation": ["Upgrade to Tandoor Recipes version 2.6.4 or later.", "If an upgrade is not immediately possible, intervene prior to storage by sanitizing the instructions to remove <style> tags or by rejecting them during input.", "On the client side, ensure that any markdown from the API is passed through a trusted HTML sanitizer before rendering.", "Review and harden any components that consume the API to confirm they do not blindly render raw CSS."], "summary": {"action": "Immediate Patch", "impact": "CSS Injection"}, "threat_synthesis": {"affected_systems": "The vulnerability exists in all versions of TandoorRecipes:recipes released before 2.6.4. Users running any pre\u20112.6.4 build are affected; upgrade to version 2.6.4 or later resolves the issue.", "description_and_impact": "Tandoor Recipes permitted authenticated users to insert arbitrary <style> tags into recipe step instructions. The server-side sanitizer whitelisted the <style> element, so the CSS was stored and subsequently served through the API without further cleansing. When a client reads the instructions_markdown field and renders it as HTML, the injected CSS is executed in the user\u2019s browser, allowing the attacker to manipulate the page layout, overlay phishing interfaces, deface content, or perform CSS-based data exfiltration. The flaw is a classic stored injection and is catalogued as CWE\u201179.", "risk_and_exploitability": "The CVSS base score of 5.4 indicates moderate severity, and the EPSS score of less than 1% suggests low likelihood of current exploitation. The issue is not listed in the CISA KEV catalog, but the attack requires an authenticated session and a client that renders the API\u2011supplied markdown as HTML. If these conditions are met, the risk of UI defacement and data leakage exists."}}}}, "created": "2026-04-06T21:29:52.643950+00:00", "updated": "2026-04-13T14:27:40.872059+00:00", "vendors": ["tandoorrecipes", "tandoorrecipes$PRODUCT$recipes"]}