GHSA-F36P-42JV-8RH2 Lithium vulnerable to Cross Site Scripting in provided Swagger-UI
Impact A XSS vulnerability in the provided outdated Swagger-UI is exploitable in applications using lithium with Swagger-UI enabled. This allows an attacker gain Remote Code Execution RCE and potentially exfiltrate secrets in the context of this swagger session. Patches The used swagger-ui was...