This vulnerability in WebCodingPlace Real Estate Manager Pro (<= 12.7.3) is a reflected XSS caused by improper input neutralization during web page generation. An attacker can craft malicious input that is reflected in the web page without proper sanitization, enabling script execution in the victim's browser. The CVSS 3.1 score is 7.1, indicating high severity with network attack vector, low attack complexity, no privileges required, user interaction required, scope changed, and impacts on confidentiality, integrity, and availability.

Successful exploitation allows attackers to execute arbitrary scripts in the context of the affected web application, potentially leading to partial disclosure of sensitive information, modification of data, and disruption of service availability. The scope change in the CVSS vector indicates that the vulnerability can affect resources beyond the initially vulnerable component.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should apply standard XSS mitigations such as input validation and output encoding where possible. Monitor vendor channels for updates and apply patches promptly once released.