CVE-2016-5682

CVE-2016-5682

EPSS 1.0%

Swagger-UI before 2.2.1 has XSS via the Default field in the Definitions section.

Affected products

n/a · Swagger-UI before 2.2.1

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://community.rapid7.com/community/infosec/blog/2016/09/02/r7-2016-19-persistent-xss-via-unescaped-parameters-in-swagger-ui