CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-49707

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form designed for resetting user's password with a malicious script, what causes the script to run in user's context. This vulnerability has been patched in version 79.0

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.8%

CVSS Severity

CVSS v3 Score 6.1

References

https://cert.pl/en/posts/2025/04/CVE-2024-10087
https://www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.html

Products affected by CVE-2024-49707

Softcom.wroc » Iksoris » Version: N/A

cpe:2.3:a:softcom.wroc:iksoris:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-49707

Products

Pricing

Contact Us