This vulnerability has been patched in version 79.0
Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2024-54403 | Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form sent to login panel at /softcom/ with a malicious script, what causes the script to run in user's context. This vulnerability has been patched in version 79.0 |
Mon, 14 Apr 2025 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 14 Apr 2025 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form sent to login panel at /softcom/ with a malicious script, what causes the script to run in user's context. This vulnerability has been patched in version 79.0 | |
| Title | XSS in iKSORIS | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV4_0
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: CERT-PL
Published:
Updated: 2025-04-14T12:55:07.679Z
Reserved: 2025-01-21T15:34:41.905Z
Link: CVE-2024-13597
Updated: 2025-04-14T12:55:03.571Z
Status : Deferred
Published: 2025-04-14T12:15:14.680
Modified: 2026-06-17T07:02:20.237
Link: CVE-2024-13597
No data.
OpenCVE Enrichment
No data.
EUVD