CVE-2015-20114

| EUVD-2015-9409 MEDIUM
2026-03-15 VulnCheck
6.1
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

4
PoC Detected
Mar 16, 2026 - 14:53 vuln.today
Public exploit code
EUVD ID Assigned
Mar 15, 2026 - 19:00 euvd
EUVD-2015-9409
Analysis Generated
Mar 15, 2026 - 19:00 vuln.today
CVE Published
Mar 15, 2026 - 18:34 nvd
MEDIUM 6.1

Tags

XSS Realtyscript

Description

Next Click Ventures RealtyScript 4.0.2 contains a cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious input through multiple parameters that are not properly sanitized. Attackers can craft requests with injected script payloads in vulnerable parameters to execute code in users' browser sessions within the context of the affected application.

Analysis

A cross-site scripting vulnerability in Next Click Ventures RealtyScript 4.0.2 (CVSS 6.1) that allows attackers. Risk factors: public PoC available.

Technical Context

CWE-79 (Cross-site Scripting). Affects Next Click Ventures RealtyScript 4.0.2.

Affected Products

['Next Click Ventures RealtyScript 4.0.2']

Remediation

Monitor vendor channels for patch availability.

Priority Score

51
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +30
POC: +20

Share

CVE-2015-20114 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy