Vulnerabilities > Smartbear > Swagger UI > 3.23.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-11 | CVE-2018-25031 | Improper Input Validation vulnerability in Smartbear Swagger UI Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. | 4.3 |
| 2019-10-10 | CVE-2019-17495 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. | 9.8 |