Vulnerabilities > CVE-2006-5853 - Cross-Site Scripting vulnerability in Immediacy .Net CMS 5.2

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
immediacy
exploit available
NVD
Published: 2006-11-10
Updated: 2017-07-20

Summary

Cross-site scripting (XSS) vulnerability in logon.aspx in Immediacy CMS (Immediacy .NET CMS) 5.2 allows remote attackers to inject arbitrary web script or HTML via the lang parameter, which is returned to the client in a lang cookie.

Vulnerable Configurations

Part Description Count
Application
Immediacy
1

Exploit-Db

descriptionImmediacy .NET CMS 5.2 Logon.ASPX Cross-Site Scripting Vulnerability. CVE-2006-5853. Webapps exploit for asp platform
idEDB-ID:28941
last seen2016-02-03
modified2006-11-08
published2006-11-08
reporterGemma Hughes
sourcehttps://www.exploit-db.com/download/28941/
titleImmediacy .NET CMS 5.2 Logon.ASPX Cross-Site Scripting Vulnerability

References