Launchpad.net

CVE 2016-1000229

swagger-ui has XSS in key names

See the CVE page on Mitre.org for more details.