CVE-2020-25470

AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site funtion. When viewing an added site, an XSS payload can be injected in cookies view which can lead to remote code execution. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt