Unknown · Tastyigniter · CVE-2021-38699
**Name of the Vulnerable Software and Affected Versions**
TastyIgniter version 3.0.7
**Description**
The issue allows for XSS attacks via several endpoints, including "/account", "/reservation", "/admin/dashboard", and "/admin/system logs".
**Recommendations**
For TastyIgniter version 3.0.7, consider restricting access to the mentioned endpoints until a fix is available. As a temporary workaround, avoid using these endpoints to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.