Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4396


Vulnerability Score 4.3 4.3
CVE Id CVE-2005-4396
Last Modified 05 Sep 2008 04:56:47
Published 20 Dec 2005 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Cross-site scripting (XSS) vulnerability in admin/Default.asp in iCMS allows remote attackers to inject arbitrary web script or HTML via the LoginMSG parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources.

Vulnerable Systems


  • Icms Content Management Systems Icms


SECUNIA - 18085

OSVDB - 21809

Last Updated: 27 May 2016 10:41:16