The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
{
"cwe_ids": [
"CWE-1021"
],
"severity": "MODERATE",
"github_reviewed_at": "2022-03-14T23:32:38Z",
"github_reviewed": true,
"nvd_published_at": "2022-03-11T07:15:00Z"
}