Unrated severityNVD Advisory· Published Apr 14, 2025· Updated Apr 14, 2025
XSS in iKSORIS
CVE-2024-10087
Description
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might craft a link containing a malicious script, which then gets directly embedded in references to other resources, what causes the script to run in user's context multiple times. This vulnerability has been patched in version 79.0
Affected products
2- Range: <79.0
- SoftCOM/iKSORISv5Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- cert.pl/en/posts/2025/04/CVE-2024-10087mitrethird-party-advisory
- www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.htmlmitreproduct
News mentions
0No linked articles in our index yet.