CVE-2019-1570 (expedition)

The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings.
Source: NIST
CVE-2019-1570 (expedition)