Exploit for #VU64011 Input validation error in Swagger UI

Exploit for #VU64011 Input validation error in Swagger UI

Published: 2023-04-16 | Updated: 2023-08-02

Vulnerability identifier: #VU64011

Vulnerability risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-25031

CWE-ID: CWE-20

Exploitation vector: Network

Exploits in database: 2

August 2, 2023
- CVE-2018-25031 (.json and .yaml files used to exploit CVE-2018-25031) [Github]
April 16, 2023
- SwaggerUI-CVE-2018-25031 (Exploit Swagger UI - User Interface (UI) Misrepresentation of Critical Information (CVE-2018-25031)) [Github]

Impact: Information disclosure

Vulnerable software:
Swagger UI
Web applications / Other software

Vendor: SmartBear