exploitDog

CVE-2024-49706

Опубликовано: 14 апр. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0

Ссылки

https://cert.pl/en/posts/2025/04/CVE-2024-10087
Third Party Advisory
https://www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.html
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:softcom.wroc:iksoris:*:*:*:*:*:*:*:*

Версия до 79.0 (исключая)

EPSS

Процентиль: 12%

0.00041

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-601

Связанные уязвимости

GHSA-rpmh-5wh2-6x37

CVSS3: 6.1

github

10 месяцев назад

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0

EPSS

Процентиль: 12%

0.00041

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-601