Unrated severityNVD Advisory· Published Apr 14, 2025· Updated Apr 14, 2025
XSS in iKSORIS
CVE-2024-10090
Description
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form designed for adding users with a malicious script, what causes the script to run in user's context. This vulnerability has been patched in version 79.0
Affected products
2- SoftCOM/iKSORISv5Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- cert.pl/en/posts/2025/04/CVE-2024-10087mitrethird-party-advisory
- www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.htmlmitreproduct
News mentions
0No linked articles in our index yet.