exploitDog

CVE-2024-10088

Опубликовано: 14 апр. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a login form with a malicious script, what causes the script to run in user's context. This vulnerability has been patched in version 79.0

Ссылки

https://cert.pl/en/posts/2025/04/CVE-2024-10087
Third Party Advisory
https://www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.html
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:softcom.wroc:iksoris:*:*:*:*:*:*:*:*

Версия до 79.0 (исключая)

EPSS

Процентиль: 13%

0.00043

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-ph7p-prrv-6wj5

CVSS3: 6.1

github

10 месяцев назад

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a login form with a malicious script, what causes the script to run in user's context. This vulnerability has been patched in version 79.0

EPSS

Процентиль: 13%

0.00043

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79