Php Scripts Mall · Php Scripts Mall Entrepreneur B2B Script · CVE-2018-20138
**Name of the Vulnerable Software and Affected Versions**
PHP Scripts Mall Entrepreneur B2B Script version 3.0.6
**Description**
The issue allows for Stored XSS attacks through certain fields in the Account Settings, such as `FirstName` and `LastName`. This is similar to a previously identified issue.
**Recommendations**
For PHP Scripts Mall Entrepreneur B2B Script version 3.0.6, consider validating and sanitizing user input for the `FirstName` and `LastName` fields in the Account Settings to prevent XSS attacks. As a temporary workaround, restrict access to these fields until a proper fix is applied.