R7-2016-19: Persistent XSS via Unescaped Parameters in Swagger-UI (CVE-2016-5682) | Rapid7 Blog
Hacking Swagger-UI - from XSS to account takeovers
Found +6 DomXSS at different programs (Hacking Swagger-UI) | by Adham sayed (doosec101) | Apr, 2023 | Medium
kassem on Twitter: "Yay, I was awarded a $500 bounty on @Hacker0x01! Bug: Dom based XSS using the swagger ui by [?configUrl=] parameter Tips: ?configUrl=https://t.co/eBpP5NrCqC https://t.co/573zhTCbKG #TogetherWeHitHarder" / Twitter
Hacking Swagger-UI - from XSS to account takeovers