CVE-2024-49707

Date: 2024-10-17

CVE Link

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form designed for resetting user's password with a malicious script, what causes the script to run in user's context. 
This vulnerability has been patched in version 79.0

References:

• third-party-advisory
• product