Changing Pre-Auth stored XSS to RCE for fun and no profit (CVE-NaN)
Hi all, it has been months since I didn’t publish anything on Medium. In January 2021, I found preauthentication stored XSS and command injection bug in TastyIgniter v2.1.1. TastyIgniter open-source food ordering…