Curry136

**Name of the Vulnerable Software and Affected Versions** code-projects Farmacia version 1.0 **Description** A problematic issue was found in the code, affecting an unknown function of the file /adicionar-cliente.php. The manipulation of the `nome`, `cpf`, and `dataNascimento` arguments leads to cross-site scripting. It is possible to launch the attack remotely. The issue has been disclosed to the public. **Recommendations** For code-projects Farmacia version 1.0, consider disabling the affected function in the /adicionar-cliente.php file as a temporary workaround until a patch is available. Restrict access to the `nome`, `cpf`, and `dataNascimento` parameters in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.