Blair77

**Name of the Vulnerable Software and Affected Versions** SourceCodester Phone Shop Sales Managements System version 1.0 **Description** A problematic vulnerability was found in the CAPTCHA Handler component, specifically affecting unknown code of the file /osms/assets/plugins/jquery-validation-1.11.1/demo/captcha/index.php. This leads to cross-site scripting and can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For SourceCodester Phone Shop Sales Managements System version 1.0, consider disabling the CAPTCHA Handler component until a patch is available. Restrict access to the file /osms/assets/plugins/jquery-validation-1.11.1/demo/captcha/index.php to minimize the risk of exploitation. Avoid using the `captcha` functionality in the affected system until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.