2 matches found
CVE-2020-18766
A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotely execute system commands.
CVE-2020-25470
AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site funtion. When viewing an added site, an XSS payload can be injected in cookies view which can lead to remote code execution.