Unrated severityNVD Advisory· Published Apr 14, 2025· Updated Apr 14, 2025
XSS in iKSORIS
CVE-2024-49706
Description
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0
Affected products
2- Range: <79.0
- SoftCOM/iKSORISv5Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- cert.pl/en/posts/2025/04/CVE-2024-10087mitrethird-party-advisory
- www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.htmlmitreproduct
News mentions
0No linked articles in our index yet.