CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-10087

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might craft a link containing a malicious script, which then gets directly embedded in references to other resources, what causes the script to run in user's context multiple times. This vulnerability has been patched in version 79.0

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.7%

CVSS Severity

CVSS v3 Score 5.4

References

https://cert.pl/en/posts/2025/04/CVE-2024-10087
https://www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.html

Products affected by CVE-2024-10087

Softcom.wroc » Iksoris » Version: N/A

cpe:2.3:a:softcom.wroc:iksoris:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-10087

Products

Pricing

Contact Us