GMS-2016-42: XSS in Consumes/Produces Parameter
Swagger-UI contains a cross site scripting (XSS) vulnerability in the consumes and produces parameters of the swagger JSON document for a given API. A maliciously crafted swagger JSON doc can be loaded via the URL query-string parameter url.
References
Detect and mitigate GMS-2016-42 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →