Description
Cross Site Scripting (XSS) vulnerability in yapi 1.9.1 allows attackers to execute arbitrary code via the /interface/api edit page.
Remediation
References
https://github.com/YMFE/yapi/issues/2190
https://github.com/YMFE/yapi/issues/2240
Related Vulnerabilities
CVE-2019-18954 Vulnerability in npm package pomelo
CVE-2021-32770 Vulnerability in npm package gatsby-source-wordpress
CVE-2017-16008 Vulnerability in maven package org.webjars:i18next
CVE-2022-36097 Vulnerability in maven package org.xwiki.platform:xwiki-platform-attachment-ui
CVE-2021-21695 Vulnerability in maven package org.jenkins-ci.main:jenkins-core