CVE-2019-20441: Stored XSS in WSO2 API Manager 2.6.0