CVE-2015-20114

Name of the Vulnerable Software and Affected Versions RealtyScript version 4.0.2

Description RealtyScript 4.0.2 contains a cross-site scripting issue that allows attackers to execute arbitrary HTML and script code. This is achieved by injecting malicious input through multiple parameters that are not properly sanitized. Attackers can craft requests with injected script payloads in vulnerable parameters to execute code in users' browser sessions within the context of the affected application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.