Cross-Site Scripting Vulnerability in ImpressCMS by ImpressCMS
CVE-2010-4616

Currently unrated

Key Information:

Vendor: Impresscms
Status: Impresscms
Vendor: CVE Published:; 29 December 2010

What is CVE-2010-4616?

A Cross-Site Scripting (XSS) vulnerability was identified in the ImpressCMS platform, specifically in the modules/content/admin/content.php file. This flaw allows remote attackers to insert arbitrary web scripts or HTML through the 'quicksearch_ContentContent' parameter. Exploiting this vulnerability can lead to unauthorized access, data theft, and manipulation of user sessions, posing significant security risks to both users and administrators of affected ImpressCMS versions.

References

http://www.htbridge.ch/advisory/xss_vulnerability_in_impr...

x_refsource_MISC

http://community.impresscms.org/modules/smartsection/item...

x_refsource_CONFIRM

http://secunia.com/advisories/42695

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 29, 2010
Vulnerability Reserved
Dec 29, 2010

CVE-2010-4616 Data

JSON

Impresscms

What is CVE-2010-4616?

References

Timeline