A cross-site scripting vulnerability exists in Haraj v3.7, a buying and selling platform from Haraj Saudi Arabia. The vulnerability stems from a stored cross-site scripting (XSS) vulnerability contained in the Post Ads component. An attacker could exploit this vulnerability to conduct cross-site scripting attacks.