CVE-2026-43892

Published May 12th, 2026

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16.

AntSwordProject/antSword

中国蚁剑是一款跨平台的开源网站管理工具。AntSword is a cross-platform website management toolkit.

GitHub

4.59K