Vulnerability Description
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form sent to login panel at /softcom/ with a malicious script, what causes the script to run in user's context. This vulnerability has been patched in version 79.0
Related Weaknesses (CWE)
References
- https://cert.pl/en/posts/2025/04/CVE-2024-10087
- https://www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.html
FAQ
What is CVE-2024-13597?
CVE-2024-13597 is a documented vulnerability. Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form sent to login panel at /softc...
How severe is CVE-2024-13597?
CVSS scoring is not yet available for CVE-2024-13597. Check NVD for updates.
Is there a patch for CVE-2024-13597?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.