A vulnerability categorized as problematic has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0 . Affected by this issue is the function create_supplier of the file /ShowForm/create_supplier/main . Executing a manipulation of the argument company_name can lead to cross site scripting. This vulnerability is tracked as CVE-2026-10245 . The attack can be launched remotely. Moreover, an exploit is present.