CVE-2018-6904by Jeremyin Security Bulletinson Posted on April 15, 2018 PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action.