Recipes is an application used to manage recipes, plan meals, create shopping lists, etc. A cross-site scripting vulnerability exists in Recipes versions 1.0.5 through 1.2.5, which stems from a missing filter escape for user data in the name parameter. A low privilege attacker could exploit this vulnerability to have the victimโs API key and take over the administratorโs account.