Hacking Swagger-UI - from XSS to account takeovers

Bug Bytes #170 - Evasive vulnerabilities, Hacking Swagger UI & Reverse engineering REST APIs - Intigriti

Murtada Kamil on Twitter: "Found Swagger API ? Try this XSS Reflected http://REDACTED/dochelper?userId=<script>alert(document.domain)</script> #BugBountyTips #infosec https://t.co/884JkwSjsC" / Twitter

XSS issue reported in Swagger UI · Issue #7986 · swagger-api/swagger-ui · GitHub

R7-2016-19: Persistent XSS via Unescaped Parameters in Swagger-UI (CVE-2016-5682) | Rapid7 Blog

Found +6 DomXSS at different programs (Hacking Swagger-UI) | by Adham sayed (doosec101) | Apr, 2023 | Medium

kassem on Twitter: "Yay, I was awarded a $500 bounty on @Hacker0x01! Bug: Dom based XSS using the swagger ui by [?configUrl=] parameter Tips: ?configUrl=https://t.co/eBpP5NrCqC https://t.co/573zhTCbKG #TogetherWeHitHarder" / Twitter

Swagger UI Library Vulnerability Potentially Affects Multiple Services

Swagger Api DOM-XSS poc on Private Program - YouTube

Swagger-UI: from XSS to account takeover | CTF导航

List: Bug | Curated by Maxx_191 | Medium

Spring Boot integration with Swagger, custom annotations, interceptors, XSS filtering, asynchronous calls, scheduled task examples..._weixin_33859665's blog - CSDN Blog

Swagger Editor v2.9.9 "description" Key DOM-based Cross-Site Scripting · Issue #908 · swagger-api/swagger-editor · GitHub

Acunetix improves user experience and notifications | Acunetix

Improving application security in an ASP.NET Core API using HTTP headers – Part 3 | Software Engineering

Widespread Swagger-UI library vulnerability leads to DOM XSS attacks | The Daily Swig

Penetration testing tips: XSS based on Swagger-UI_Swagger-UI vulnerability_A知冰's blog - CSDN Blog

Issue 186: Kubernetes API servers exposed, vulnerability in Swagger-UI library, Google views on API economy - API Security News

ZAP Scans not work for URL which have special chars (Because of URL Encoding)

Vidoc Security Lab (@vidocsecurity) / Twitter