Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-13597

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form sent to login panel at /softcom/ with a malicious script, what causes the script to run in user's context. This vulnerability has been patched in version 79.0

Published

2025-04-14T12:15:14.680

Last Modified

2025-04-15T18:39:27.967

Status

Awaiting Analysis

Source

[email protected]

Severity

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

References

https://cert.pl/en/posts/2025/04/CVE-2024-10087 ([email protected])
https://www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.html ([email protected])