VDB
CNVD-2017-06641
CNVD-2017-06641
PUBLISHED
swagger-ui是一套API在线文档生成和测试工具。 swagger-ui存在跨站脚本漏洞,该漏洞源于程序未能充分的过滤用户提交的输入。远程攻击者可利用该漏洞在浏览器中执行任意代码。
Timeline
- Apr 25, 2017 CVE ID Reserved
- May 16, 2017 CVE Published
Tip. Type any identifier and press Enter to open its detail page. Hit ⌘K from anywhere to focus the bar.
Open the full search in the app →swagger-ui是一套API在线文档生成和测试工具。 swagger-ui存在跨站脚本漏洞,该漏洞源于程序未能充分的过滤用户提交的输入。远程攻击者可利用该漏洞在浏览器中执行任意代码。