LionCoders · SalePro POS · CVE-2025-56382
**Name of the Vulnerable Software and Affected Versions**
LionCoders SalePro POS version 5.4.8
**Description**
A stored cross-site scripting (XSS) issue exists within the Customer Management Module. An authenticated attacker can inject arbitrary web script or HTML through the `Customer Name` parameter during customer profile creation or modification. Because this input is not properly sanitized before storage and rendering, the injected script executes in the browsers of users who view the affected customer details.
**Recommendations**
Apply updates to address the improper sanitization of the `Customer Name` parameter in the Customer Management Module.
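
Because the issue is stored XSS, names saved before an update remain in the database and are still rendered. As an added example (not from the advisory or the vendor's code), the following Python code encodes a customer name at render time and audits existing records for markup; the row keys `id` and `name`, the function names and the sample rows are assumptions constructed for illustration.

```python
import html
import re

# Characters that let a value leave HTML text or a quoted attribute.
# The apostrophe is not flagged (legitimate names contain it) but is
# still encoded at render time.
MARKUP_CHARS = re.compile(r"[<>\"`]")
# Entity-encoded markup: a sign of an earlier injection attempt or of
# inconsistent encoding at write time, worth a manual review.
ENCODED_MARKUP = re.compile(
    r"&(?:lt|gt|quot|#0*(?:60|62|34)|#x0*(?:3c|3e|22))\b;?", re.I)

# Constructed sample records; the real schema is not shown on the page.
SAMPLE_ROWS = [
    {"id": 1, "name": "Alice Rahman"},
    {"id": 2, "name": "O'Brien & Sons"},
    {"id": 3, "name": "<script>alert(1)</script>"},
    {"id": 4, "name": "Bob &lt;b&gt;"},
    {"id": 5, "name": None},
]


def render_customer_name(name):
    """Encode a stored name for HTML text or a quoted attribute value."""
    return html.escape(name or "", quote=True)


def audit_customer_names(rows):
    """Return (id, reason) for stored names that need review."""
    findings = []
    for row in rows:
        name = row["name"] or ""
        if MARKUP_CHARS.search(name):
            findings.append((row["id"], "raw markup character"))
        elif ENCODED_MARKUP.search(name):
            findings.append((row["id"], "entity-encoded markup"))
    return findings


if __name__ == "__main__":
    for row_id, reason in audit_customer_names(SAMPLE_ROWS):
        print(f"customer {row_id}: {reason}")
    for row in SAMPLE_ROWS:
        print(render_customer_name(row["name"]))
```

Encoding at output is the control that stops execution; the audit only identifies records to clean up or investigate.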