Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize CSV file uploads, allowing attackers to inject malicious scripts through filename parameters in multipart form data. Attackers can upload files with XSS payloads in the filename field to execute arbitrary JavaScript in users' browsers when the file is processed or displayed.
AnalysisAI
Stored cross-site scripting (XSS) vulnerability in Next Click Ventures RealtyScript 4.0.2 that allows unauthenticated attackers to inject malicious scripts through unsanitized CSV file upload filenames. When users process or view uploaded files, arbitrary JavaScript executes in their browsers with the ability to steal session cookies, modify page content, and perform actions on behalf of the victim. A public proof-of-concept exploit exists (Exploit-DB #38496), though no evidence of active KEV exploitation has been documented; the moderate CVSS score (6.1) reflects the requirement for user interaction to trigger the vulnerability.
Technical ContextAI
The vulnerability stems from improper input validation in the file upload handler (CWE-79: Improper Neutralization of Input During Web Page Generation) within RealtyScript's CSV import functionality. The application fails to sanitize the 'filename' parameter in multipart form data before storing or rendering it in the application context. When the filename containing XSS payloads (e.g., '<img src=x onerror="alert(1)">') is subsequently displayed in file listings, download links, or processing status pages, the browser interprets and executes the embedded JavaScript. This is a stored XSS variant because the malicious payload persists in the application state and affects all users who access the file metadata. The CPE identifier (cpe:2.3:a:next_click_ventures:realtyscript:*:*:*:*:*:*:*:*) confirms the vulnerability affects RealtyScript across its product line; version 4.0.2 is specifically documented as vulnerable.
More in Realtyscript
View allMultiple time-based blind SQL injection vulnerabilities in RealtyScript 4.0.2 allow unauthenticated remote attackers to
A stored cross-site scripting (XSS) vulnerability exists in RealtyScript 4.0.2's admin locations interface, allowing una
Stored cross-site scripting (XSS) vulnerability in Next Click Ventures RealtyScript 4.0.2 that allows attackers to uploa
RealtyScript 4.0.2 contains a stored cross-site scripting (XSS) vulnerability in the pages.php admin interface that allo
A cross-site scripting vulnerability in Next Click Ventures RealtyScript 4.0.2 (CVSS 6.1) that allows attackers. Risk fa
RealtyScript 4.0.2 contains a cross-site request forgery (CSRF) vulnerability in its user management endpoints that allo
RealtyScript 4.0.2 by Next Click Ventures contains both cross-site request forgery (CSRF) and persistent cross-site scri
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2015-9413