Denil Xavier

**Name of the Vulnerable Software and Affected Versions** SourceCodester Web-based Pharmacy Product Management System version 1.0 **Description** A security flaw exists in SourceCodester Web-based Pharmacy Product Management System 1.0. The issue impacts an unknown function within the `edit-profile.php` file. Manipulating the `fullname` argument can lead to cross site scripting. The attack can be initiated remotely, and the exploit has been publicly released. **Recommendations** Apply any available updates or patches for version 1.0. As a temporary workaround, consider sanitizing the `fullname` input to prevent script injection. Restrict access to the `edit-profile.php` file if possible.