Vulnerabilities > Antsword Project

DATE CVE VULNERABILITY TITLE RISK
2020-10-26 CVE-2020-18766 Cross-site Scripting vulnerability in Antsword Project Antsword 2.0.7
A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotely execute system commands.
network
low complexity
antsword-project CWE-79
critical
9.6
2020-10-26 CVE-2020-25470 Cross-site Scripting vulnerability in Antsword Project Antsword 2.1.8.1
AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site funtion.
network
low complexity
antsword-project CWE-79
6.1
2019-07-19 CVE-2019-13970 Cross-site Scripting vulnerability in Antsword Project Antsword
In antSword before 2.1.0, self-XSS in the database configuration leads to code execution via modules/database/asp/index.js, modules/database/custom/index.js, modules/database/index.js, or modules/database/php/index.js.
network
low complexity
antsword-project CWE-79
6.1