Security Advisory

CVE-2024-13597

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-14 12:04:46
Last updated 2025-04-14 12:55:07
Assigner CERT-PL
State PUBLISHED

Description

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form sent to login panel at /softcom/ with a malicious script, what causes the script to run in users context.  This vulnerability has been patched in version 79.0