Inventory Management System is an inventory management system. Inventory Management System 20240320 and earlier versions suffer from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameters Category Name/Model Name/Brand Name/Unit Name, which can be exploited to execute arbitrary Web scripts or HTML by injecting a carefully crafted payload. An attacker can use this vulnerability to execute arbitrary Web script or HTML by injecting a well-designed payload.