AntSword · CVE-2020-25470
**Name of the Vulnerable Software and Affected Versions**
AntSword version 2.1.8.1
**Description**
The issue concerns a cross-site scripting (XSS) vulnerability in the View Site function. When viewing an added site, an XSS payload can be injected in the cookies view, potentially leading to remote code execution.
**Recommendations**
For AntSword version 2.1.8.1, consider disabling the View Site function until a patch is available to prevent potential exploitation. Restrict access to the cookies view to minimize the risk of XSS payload injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.