Security Advisory

CVE-2018-25031

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-11 06:47:46

Last updated 2024-08-05 12:26:39

Assigner mitre

State PUBLISHED

Description

Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions. Note: This was originally claimed to be resolved in 4.1.3. However, third parties have indicated this is not resolved in 4.1.3 and even occurs in that version and possibly others.

← Browse all CVEs View on cve.org ↗