/tags/java/ Recent content in java on Security, Tech, And Ramblings Hugo -- gohugo.io en-us Copyright © {year} Sean Marpo. All Rights Reserved. Wed, 15 Jun 2022 11:20:46 -0700 /posts/2022/2022-06-15-springfox-xss-via-outdated-swagger-ui/ Wed, 15 Jun 2022 11:20:46 -0700 /posts/2022/2022-06-15-springfox-xss-via-outdated-swagger-ui/ I got my weekly TL;DR Sec newsletter on Thursday morning. I regularly browse the headlines for fun things to check out whenever I might have some actual downtime. I noticed a post about XSS in Swagger UI at: Hacking Swagger-UI - from XSS to account takeovers I did the usual perusal, noted down the concerns, and popped right on over to Sourcegraph to determine the future of my Thursday.