CVE-2024-10089

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0

Description: The issue is related to Stored XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form designed for changing user's data with a malicious script, which causes the script to run in the user's context.

Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider restricting access to forms that allow user data changes to minimize the risk of exploitation. Avoid using malicious scripts in the affected forms until the issue is resolved.