TestLink v1.9.20 exists to contain a stored cross-site scripting (XSS) vulnerability via /lib/inventory/inventoryView.php.
testlink testlink 1.9.20