Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-10090

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form designed for adding users with a malicious script, what causes the script to run in user's context. This vulnerability has been patched in version 79.0

Published

2025-04-14T12:15:14.533

Last Modified

2025-10-28T17:11:58.043

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	softcom.wroc	iksoris	< 79.0	Yes

References

https://cert.pl/en/posts/2025/04/CVE-2024-10087 Third Party Advisory ([email protected])
https://www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.html Product ([email protected])