Swagger UI 3.20.9 Released!

This release contains a security fix that addresses a cross-site scripting vulnerability. If you use Swagger UI to display untrusted OpenAPI documents, you should upgrade to this version ASAP.

This release also changes Swagger UI's OperationSummary component to better tolerate badly-formed (i.e., non-string) summary fields.

Changelog:

• fix: gracefully handle non-string operation summaries (via #5189, #5191)
• fix: sanitize URLs used for OAuth auth flow (via #5190)