The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings.
https://www.tenable.com/security/research/tra-2019-13
https://securityadvisories.paloaltonetworks.com/Home/Detail/142