CVE-2006-5853

2006-11-1002:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.012

Percentile

85.0%

JSON

Cross-site scripting (XSS) vulnerability in logon.aspx in Immediacy CMS (Immediacy .NET CMS) 5.2 allows remote attackers to inject arbitrary web script or HTML via the lang parameter, which is returned to the client in a lang cookie.

References

securityreason.com/securityalert/1845

www.procheckup.com/Vulner_PR0506.php

www.securityfocus.com/archive/1/450960

www.securityfocus.com/bid/20965

exchange.xforce.ibmcloud.com/vulnerabilities/30136