A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /manage_customer.php of the component Manage Customer Page. The manipulation of the argument suppliers_name/address leads to cross site scripting.
This vulnerability is known as CVE-2024-10198. The attack can be launched remotely. Furthermore, there is an exploit available.
The initial researcher advisory mentions contradicting files to be affected. Other parameters might be affected as well.