docsy icon indicating copy to clipboard operation
docsy copied to clipboard
verified publisher icon google

swagger-ui DOM XSS

Open blockisec opened this issue 3 years ago • 2 comments

The swagger-ui which is used by docsy is outdated and prune to a DOM XSS vulnerability.

blockisec avatar Jun 28 '22 05:06 blockisec

@theletterf do you want to take a look at this, I know you added this shortcode?

LisaFC avatar Jun 30 '22 18:06 LisaFC

Hi there! Sorry, I was on paternity leave.

I guess you'd have to update the swagger-ui dependency, or add it as a dependency even.

theletterf avatar Aug 16 '22 13:08 theletterf

@theletterf - is this something you are name able to help with? Thanks!

chalin avatar May 04 '23 15:05 chalin

I think so. Let me have a look. Could you assign this one to me?

theletterf avatar May 05 '23 05:05 theletterf