Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix self XSS in request url. #541

Merged
merged 1 commit into from
Aug 24, 2014
Merged

Fix self XSS in request url. #541

merged 1 commit into from
Aug 24, 2014

Conversation

STRML
Copy link
Contributor

@STRML STRML commented Aug 24, 2014

A user who has copy/pasted data from another or has been tricked into pasting into the accessToken box could XSS him/herself.

It's a small vuln but simple to fix.

Imgur

fehguy added a commit that referenced this pull request Aug 24, 2014
Fix self XSS in request url.
@fehguy fehguy merged commit 3a7b66d into swagger-api:master Aug 24, 2014
vincent-zurczak pushed a commit to roboconf/swagger-ui that referenced this pull request Aug 18, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants