Swagger UI

Source repositories

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2016-1000226	Swagger API Swagger UI	cri	0.52	—	0.01		Sep 1, 2020	Affected versions of `swagger-ui` are vulnerable to cross-site scripting in both the `consumes` and `produces` parameters of the swagger JSON document for a given API. Additionally, `swagger-ui` allows users to load arbitrary swagger JSON documents via the query string…
CVE-2016-1000233	Swagger API Swagger UI	hig	0.39	—	0.01		Sep 1, 2020	Affected versions of `swagger-ui` are vulnerable to cross-site scripting. This vulnerability exists because `swagger-ui` automatically executes external Javascript that is loaded in via the `url` query string parameter when a `Content-Type: application/javascript` header is…

CVE-2016-1000226criSep 1, 2020
Swagger API
Swagger UI
risk 0.52cvss —epss 0.01
Affected versions of `swagger-ui` are vulnerable to cross-site scripting in both the `consumes` and `produces` parameters of the swagger JSON document for a given API. Additionally, `swagger-ui` allows users to load arbitrary swagger JSON documents via the query string…
CVE-2016-1000233higSep 1, 2020
Swagger API
Swagger UI
risk 0.39cvss —epss 0.01
Affected versions of `swagger-ui` are vulnerable to cross-site scripting. This vulnerability exists because `swagger-ui` automatically executes external Javascript that is loaded in via the `url` query string parameter when a `Content-Type: application/javascript` header is…