scottie1984 / swagger-ui-express

Adds middleware to your express app to serve the Swagger UI bound to your Swagger document. This acts as living documentation for your API hosted from within your app.
MIT License

XssInject vulnerability using the search bar #303

Open AlexMisiulia opened 2 years ago

AlexMisiulia commented 2 years ago

Hi. A security researcher reported a vulnerability found in the swagger component.

Steps to reproduce:

  1. Load the documentation url.
  2. Paste https://www.howtocreate.co.uk/working/xssinject.php into the input at the top.
  3. Click "Explore".

The script contained within the retrieved document is executed in the context of the website. Please let me know if you need any further details.

scottie1984 commented 2 years ago

suggest raising this directly with https://github.com/swagger-api/swagger-ui