Listen to this Post
The CVE-2024-49997 vulnerability in TastyIgniter 3.7.7 is a Stored Cross-Site Scripting (XSS) issue within the `/admin/media_manager` upload functionality. The flaw arises from insufficient input sanitization and validation of uploaded SVG files. SVG, being an XML-based format, can natively contain JavaScript code within `
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent may adversely affect certain features and functions.
We do not sell your personal data. If you wish to exercise your rights under applicable privacy laws, please visit our Do Not Sell My Personal Information page.