PartKeepr is an inventory management software. Designed primarily for electronic components, PartKeepr version 1.4.0 suffers from a cross-site scripting vulnerability that stems from a lack of name parameters in multiple api ports of the edit module to filter user-supplied data and output data checks. An attacker could exploit the vulnerability to execute JavaScript code on the client side.