Cross Site Scripting XSS

iDempiere has an XSS Stored vulnerability: it's possible to execute arbitrary javascript code.