Orval · Orval · CVE-2026-22785
**Name of the Vulnerable Software and Affected Versions**
orval versions prior to 7.18.0
**Description**
orval generates type-safe TypeScript clients from OpenAPI specifications. Before version 7.18.0, the server generation logic in its MCP component built generated source code by string manipulation on the `summary` field of each OpenAPI operation, without sufficient validation or escaping. The `summary` field is the short, free-form description of an operation in the OpenAPI specification, so a crafted value can contain the quote character that terminates the generated string literal, followed by arbitrary JavaScript that is emitted into the generated server code and runs wherever that code is executed (a string literal breakout). The practical consequence is that the OpenAPI document is untrusted input to the generator: running the MCP generation against a specification obtained from a third party can inject attacker-controlled code into the generated server.
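The following is an added illustration of this bug class and is not orval's code: it is a hypothetical, minimal "tool renderer" that turns one OpenAPI operation into a JavaScript object literal, shown first with the summary spliced in by plain string concatenation and then with the summary emitted through a proper string-literal encoder. The function names, the `Operation` shape and the malicious summary value are all assumptions made for this example; the generated snippet is evaluated with `new Function` purely to show that the injected expression executes.

```typescript
// Hypothetical generator used to demonstrate a string literal breakout.
// Not orval's implementation; names and shapes are assumptions for this example.

interface Operation {
  operationId: string;
  summary: string;
}

// Vulnerable pattern: the summary is pasted between single quotes with no escaping.
// A summary containing a quote closes the literal and the rest becomes code.
function renderToolUnsafe(op: Operation): string {
  return (
    `const ${op.operationId}Tool = {\n` +
    `  name: '${op.operationId}',\n` +
    `  description: '${op.summary}',\n` +
    `};\n`
  );
}

// Encode an arbitrary string as a JavaScript string literal. JSON.stringify escapes
// quotes, backslashes and control characters; U+2028/U+2029 are additionally escaped
// so the output is a valid literal on engines predating ES2019 as well.
function jsStringLiteral(value: string): string {
  return JSON.stringify(value)
    .replace(/\u2028/g, "\\u2028")
    .replace(/\u2029/g, "\\u2029");
}

// operationId is used to build an identifier, which no quoting can protect; it is
// validated against an identifier grammar instead of being escaped.
function assertIdentifier(id: string): void {
  if (!/^[A-Za-z_$][A-Za-z0-9_$]*$/.test(id)) {
    throw new Error(`operationId is not a safe identifier: ${JSON.stringify(id)}`);
  }
}

// Hardened pattern: every user-controlled string goes through jsStringLiteral,
// and the only raw interpolation is an identifier that has been validated.
function renderToolSafe(op: Operation): string {
  assertIdentifier(op.operationId);
  return (
    `const ${op.operationId}Tool = {\n` +
    `  name: ${jsStringLiteral(op.operationId)},\n` +
    `  description: ${jsStringLiteral(op.summary)},\n` +
    `};\n`
  );
}

// Evaluate generated source in a fresh function scope and return the tool object.
// Demo only: this stands in for "the generated server is started".
function evaluateGenerated(
  source: string,
  operationId: string,
  hooks: Record<string, unknown>
): unknown {
  const fn = new Function("hooks", `${source}\nreturn ${operationId}Tool;`);
  return fn(hooks);
}

// Constructed malicious summary (not from any real specification): it closes the
// single-quoted literal, evaluates an expression with a visible side effect, and
// reopens the literal so the generated file still parses.
const MALICIOUS_SUMMARY = "List pets' + (hooks.pwned = true) + '";

// Run both renderers on the same operation and report what happened.
function demo(): { unsafePwned: boolean; safePwned: boolean; safeDescription: string } {
  const op: Operation = { operationId: "listPets", summary: MALICIOUS_SUMMARY };

  const unsafeHooks: Record<string, unknown> = {};
  evaluateGenerated(renderToolUnsafe(op), op.operationId, unsafeHooks);

  const safeHooks: Record<string, unknown> = {};
  const safeTool = evaluateGenerated(renderToolSafe(op), op.operationId, safeHooks) as {
    description: string;
  };

  return {
    unsafePwned: unsafeHooks.pwned === true, // injected expression ran
    safePwned: safeHooks.pwned === true, // stays false: summary is inert data
    safeDescription: safeTool.description, // the summary text, verbatim
  };
}
```

With the unsafe renderer the generated line reads `description: 'List pets' + (hooks.pwned = true) + '',`, which is valid JavaScript that executes the attacker's expression as soon as the file is loaded; with the safe renderer the same summary is emitted as one string literal and is never interpreted. The general rule the example encodes is that any value from the specification which lands inside generated code must either be encoded for the exact syntactic context it lands in (a string literal here) or, where no encoding exists for that context (an identifier), be validated against a strict grammar and rejected otherwise.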
**Recommendations**
Update to version 7.18.0 or later. Until the upgrade is in place, treat OpenAPI documents from third parties as untrusted input to the generator: do not run MCP server generation against a specification you have not reviewed, and inspect generated output for `summary` values containing quote characters.