Litingqiao

**Name of the Vulnerable Software and Affected Versions** SourceCodester Computer Parts Sales and Inventory System version 1.0 **Description** A problematic issue was found in the Add Supplier Handler component, where the manipulation of the `company name`, `province`, `city`, and `phone number` arguments leads to cross-site scripting. This can be launched remotely. **Recommendations** For version 1.0, consider disabling the Add Supplier Handler component until a patch is available. Restrict access to the arguments `company name`, `province`, `city`, and `phone number` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.