Unrated severityNVD Advisory· Published Mar 24, 2026· Updated Mar 24, 2026

CVE-2026-30661

Description

iCMS v8.0.0 contains a Cross-Site Scripting (XSS) vulnerability in the User Management component, specifically within the index.html file. This allows remote attackers to execute arbitrary web script or HTML via the regip or loginip parameters.

Affected products

iCMS/iCMSdescription
Icms Content Management Systems/Icmsllm-fuzzy
Range: = 8.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

wang1rrr.github.io/2026/02/09/CVE-Report-iCMS-v8.0.0-XSS/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000