Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-4jqw-vfmj-9rmh: Cross-site Scripting in yapi-vendor

Cross Site Scripting (XSS) vulnerability in yapi 1.9.1 allows attackers to execute arbitrary code via the /interface/api edit page.

ghsa
Open in Source
#xss#vulnerability#git

Cross-site Scripting in yapi-vendor

Moderate severity GitHub Reviewed Published Jan 26, 2023 to the GitHub Advisory Database • Updated Jan 27, 2023

Related news

CVE-2021-36686: Stored XSS in remarks of the interface · Issue #2190 · YMFE/yapi

Cross Site Scripting (XSS) vulnerability in yapi 1.9.1 allows attackers to execute arbitrary code via the /interface/api edit page.

ghsa: Latest News

GHSA-g85v-wf27-67xc: Harden-Runner has a command injection weaknesses in `setup.ts` and `arc-runner.ts`
ghsa