Cross-Site Scripting in swagger-ui

Published: Sep 1, 2020
Updated: Apr 14, 2023
GHSA: <a href="https://github.com/advisories/GHSA-g336-c7wv-8hp3" target="_blank" rel="noopener"> GHSA-g336-c7wv-8hp3
Severity: Critical
Exploit:

Affected versions of swagger-ui are vulnerable to cross-site scripting via the url query string parameter.