Cross-Site Scripting (XSS)
total4 is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to a lack of user-input sanitization in replace parameter of internal.js which allows an attacker to inject and execute arbitrary JavaScript into the browser...