Supply‑Chain XSS in Mintlify Let Attackers Run JS on Discord, X, and More
1167
An exposed Mintlify static endpoint let malicious SVGs run on customer primary domains, creating a widespread supply-chain XSS affecting Discord, X, and many others.
An exposed Mintlify static endpoint let malicious SVGs run on customer primary domains, creating a widespread supply-chain XSS affecting Discord, X, and many others.