Cross Site Scripting (XSS) vulnerability in Advanced REST Client v.17.0.9 allows a remote malicious user to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function.