CVE-2024-49706

Medium CVSS: 5.1

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints.
This vulnerability has been patched in version 79.0

Vendor

Softcom.wroc

Product

Iksoris

CWE

CWE-601

Yayın Tarihi

2025-04-14 12:15:15

Güncelleme

2025-10-28 17:10:03

Source Identifier

cvd@cert.pl

KEV Date Added

Kategoriler

CWE-601 Iksoris MEDIUM Softcom.wroc 2025

Referanslar

https://cert.pl/en/posts/2025/04/CVE-2024-10087 https://www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.html

Benzer Kayıtlar

Medium

CVE-2024-49705

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to client-side Denial of Servise (DoS) attacks. A…

Medium

CVE-2024-49707

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks.…

Medium

CVE-2024-49708

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Stored XSS (Cross-site Scripting) attacks. An…

Low

CVE-2024-49709

Internet Starter, one of SoftCOM iKSORIS system modules, allows for setting an arbitrary session cookie value. An attack…

Medium

CVE-2024-13598

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks.…

Medium

CVE-2024-10088

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks.…