Code Projects · Pharmacy Management System · CVE-2024-8366
Name of the Vulnerable Software and Affected Versions:
code-projects Pharmacy Management System version 1.0
Description:
A cross-site scripting vulnerability was found in the Update My Profile Page component of the Pharmacy Management System. The affected code is an unspecified part of the file `/index.php?id=userProfileEdit`. Supplying malicious input, such as `<script>alert(1)</script>`, in the arguments `fname`, `lname`, or `email` leads to cross-site scripting. The attack can be initiated remotely.
Recommendations:
For version 1.0, patch the system immediately and validate user input to prevent malicious script injection. As a temporary workaround, consider restricting access to the `/index.php?id=userProfileEdit` page until a patch is available. Avoid using the arguments `fname`, `lname`, or `email` in the affected page until the issue is resolved.
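The input validation recommended above, paired with output encoding, as an added PHP example. This is not the project's code, because the advisory does not show the affected source. The function names `validate_profile` and `e`, the name character rules and the length limits are assumptions.

```php
<?php
declare(strict_types=1);

// Added example, not code from Pharmacy Management System.
// validate_profile() and e() are hypothetical helper names.

/** Validate fname, lname and email; returns [cleanValues, errors]. */
function validate_profile(array $input): array
{
    $clean = [];
    $errors = [];
    foreach (['fname', 'lname'] as $field) {
        $raw = $input[$field] ?? '';
        $value = is_string($raw) ? trim($raw) : '';
        // Assumed rule: starts with a letter, then letters, spaces,
        // apostrophes or hyphens, 50 characters at most.
        if (preg_match('/\A\p{L}[\p{L} \'\-]{0,49}\z/u', $value) === 1) {
            $clean[$field] = $value;
        } else {
            $errors[$field] = 'invalid name';
        }
    }
    $raw = $input['email'] ?? '';
    $email = is_string($raw) ? trim($raw) : '';
    if (strlen($email) <= 254 && filter_var($email, FILTER_VALIDATE_EMAIL) !== false) {
        $clean['email'] = $email;
    } else {
        $errors['email'] = 'invalid email';
    }
    return [$clean, $errors];
}

/** Encode a value for an HTML text node or a quoted attribute. */
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample submission; fname carries the payload quoted in the advisory.
$post = ['fname' => '<script>alert(1)</script>', 'lname' => "O'Neil", 'email' => 'a@example.com'];
[$clean, $errors] = validate_profile($post);

// Validation decides what gets stored. Encoding is applied to every value
// that is rendered, including rows saved before validation existed.
foreach (['fname', 'lname', 'email'] as $field) {
    $status = isset($errors[$field]) ? 'rejected: ' . $errors[$field] : 'accepted';
    printf("%s = %s (%s)\n", $field, e($post[$field]), $status);
}
```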