An HTML Injection vulnerability was discovered in the Swagger UI, which could potentially allow attackers to inject malicious HTML content. This vulnerability could be exploited to execute arbitrary scripts in the context of the user's browser, leading to cross-site scripting (XSS) attacks and other malicious activities.
https://hackerone.com/reports/2534300