Back to search
CVE-2024-13598
Published: Apr 14, 2025
Modified: Apr 14, 2025
PUBLISHED
Description
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. Using a functionality of creating new form fields one creates new parameters vulnerable to XSS attacks. A user tricked into filling such a form with a malicious script will run the code in their's context. This vulnerability has been patched in version 79.0
| Vendor | Product | Versions |
|---|---|---|
SoftCOM | iKSORIS | affected 0 - < 79.0 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now