EIP-2026-111719

The provided text describes an HTML-injection vulnerability in Recipe Script 5.0, where user-supplied input is not properly sanitized, allowing attacker-supplied HTML and script code to execute in the context of the affected browser. The example script demonstrates a potential attack to steal cookie-based authentication credentials.