CVE ID :CVE-2015-20118 Published : March 15, 2026, 6:34 p.m. | 1 hour, 3 minutes ago Description :Next Click Ventures RealtyScript 4.0.2 contains a stored cross-site scripting vulnerability in the location_name parameter of the admin locations interface. Attackers can submit POST requests to the locations.php endpoint with JavaScript payloads in the location_name field to execute arbitrary code in administrator browsers. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...