@ePaul comments added to description.

Author: sdavis-r7

modules/exploits/multi/fileformat/swagger_param_inject.rb

@@ -27,10 +27,11 @@ def initialize(info = {})
         This module generates a Open API Specification 2.0 (Swagger) compliant json
         document that includes payload insertion points in parameters.
 
-        In order for the payload to be executed, an attacker must convince someone to
-        open a specially modified swagger.json file with with a vulnerable swagger-codgen
-        appliance/container/api/service. By doing so, an attacker can
-        execute arbitrary code as the victim user.
+        In order for the payload to be executed, an attacker must convince someone to 
+        generate code from a specially modified swagger.json file within a vulnerable swagger-codgen 
+        appliance/container/api/service, and then to execute that generated code (or include it into 
+        software which will later be executed by another victim). By doing so, an attacker can execute 
+        arbitrary code as the victim user.  (The same vulnerability exists in the YAML format)
       },
       'License'        => MSF_LICENSE,
       'Author'         =>