Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 home.html or 2 lands.html...