← back
CVE-2006-5853

CVE-2006-5853

EPSS 2.0%
Cross-site scripting (XSS) vulnerability in logon.aspx in Immediacy CMS (Immediacy .NET CMS) 5.2 allows remote attackers to inject arbitrary web script or HTML via the lang parameter, which is returned to the client in a lang cookie.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/28941unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://securityreason.com/securityalert/1845https://exchange.xforce.ibmcloud.com/vulnerabilities/30136http://www.procheckup.com/Vulner_PR0506.phphttp://www.securityfocus.com/archive/1/450960http://www.securityfocus.com/bid/20965