CVE-2006-5853

2006-11-1002:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.1%

JSON

Cross-site scripting (XSS) vulnerability in logon.aspx in Immediacy CMS (Immediacy .NET CMS) 5.2 allows remote attackers to inject arbitrary web script or HTML via the lang parameter, which is returned to the client in a lang cookie.

References

securityreason.com/securityalert/1845

www.procheckup.com/Vulner_PR0506.php

www.securityfocus.com/archive/1/450960

www.securityfocus.com/bid/20965

exchange.xforce.ibmcloud.com/vulnerabilities/30136