Executive Summary

CVE-2026-35046 is a stored CSS injection vulnerability in Tandoor Recipes versions prior to 2.6.4. Authenticated users can inject arbitrary <style> tags containing malicious CSS into recipe step instructions because the backend sanitizer explicitly allows the <style> tag. This causes the backend to store and serve unsanitized CSS payloads via the API.

Any client that consumes the instructions_markdown field from the API and renders it as HTML without additional sanitization will execute attacker-controlled CSS. This can lead to UI redressing, phishing overlays, visual defacement, and CSS-based data exfiltration.

The default Tandoor Vue 3 frontend mitigates this by stripping <style> tags during template compilation, but this protection does not extend to third-party clients, recipe exports, alternative frontends, or future frontend changes.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows an authenticated attacker to inject malicious CSS that executes in any client rendering the affected recipe instructions as HTML without proper sanitization.

• UI redressing and phishing overlays by manipulating page layout and appearance.
• Visual defacement by hiding or restyling page content globally.
• CSS-based data exfiltration by exploiting CSS selectors and external resource requests.
• Persistent stored attacks that execute whenever the affected recipe is viewed.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by inspecting API responses for the presence of unsanitized <style> tags within the recipe step instructions, specifically in the fields `instruction` and `instructions_markdown`.

Since the vulnerability involves authenticated users injecting arbitrary CSS via <style> tags, detection involves querying the API for recipe instructions and checking if these contain <style> blocks.

Suggested commands include using authenticated API requests (e.g., with curl) to fetch recipe data and searching for <style> tags in the response. For example:

• curl -H "Authorization: Bearer <token>" https://<tandoor-recipes-server>/api/recipes/<recipe_id>/ | grep -i '<style>'
• Alternatively, use tools like jq to parse JSON and check the `instructions_markdown` field for <style> tags.
• Monitor frontend clients or third-party applications consuming the API for unexpected CSS behavior or UI redressing effects.

Useful 0 Not Useful 0

Mitigation Strategies

The immediate mitigation step is to upgrade Tandoor Recipes to version 2.6.4 or later, where this vulnerability has been fixed.

If upgrading is not immediately possible, restrict authenticated user permissions to limit who can add or modify recipe instructions.

Additionally, ensure that any client consuming the API sanitizes the `instructions_markdown` field properly before rendering it as HTML, removing or neutralizing <style> tags.

On the backend, the fix involves removing the 'style' tag from the allowed HTML tags whitelist in the sanitizer configuration and, if inline styling is needed, using a strict CSS sanitizer that only allows safe CSS properties.

Review and monitor API usage for suspicious injection attempts and consider implementing additional input validation or sanitization layers.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows authenticated users to inject malicious CSS that can lead to UI manipulation, phishing overlays, visual defacement, and CSS-based data exfiltration when API consumers render recipe instructions as HTML without proper sanitization.

Such unauthorized data exfiltration and phishing risks could potentially impact compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal data and preventing unauthorized access or disclosure.

However, the provided information does not explicitly discuss compliance impacts or specific regulatory consequences.

Useful 0 Not Useful 0