{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T06:40:31.404","vulnerabilities":[{"cve":{"id":"CVE-2024-10090","sourceIdentifier":"cvd@cert.pl","published":"2025-04-14T12:15:14.533","lastModified":"2026-06-17T06:54:53.527","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form designed for adding users with a malicious script, what causes the script to run in user's context. \nThis vulnerability has been patched in version 79.0"},{"lang":"es","value":"Internet Starter, uno de los módulos del sistema SoftCOM iKSORIS, es vulnerable a ataques XSS reflejado (Cross-site Scripting). Un atacante podría engañar a un usuario para que rellene un formulario diseñado para agregar usuarios con un script malicioso, lo que provoca que este se ejecute en el contexto del usuario. Esta vulnerabilidad ha sido corregida en la versión 79.0."}],"affected":[{"source":"cvd@cert.pl","affectedData":[{"vendor":"SoftCOM","product":"iKSORIS","defaultStatus":"unaffected","modules":["Internet Starter"],"versions":[{"version":"0","lessThan":"79.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cvd@cert.pl","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-14T12:55:33.428936Z","id":"CVE-2024-10090","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cvd@cert.pl","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:softcom.wroc:iksoris:*:*:*:*:*:*:*:*","versionEndExcluding":"79.0","matchCriteriaId":"FBEAE944-6510-4EC5-9B56-3A279DCD02D3"}]}]}],"references":[{"url":"https://cert.pl/en/posts/2025/04/CVE-2024-10087","source":"cvd@cert.pl","tags":["Third Party Advisory"]},{"url":"https://www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.html","source":"cvd@cert.pl","tags":["Product"]}]}}]}