CVE-2026-30661

Cross‑Site Scripting via regip/Loginip Parameters in iCMS v8.0.0

Description

iCMS v8.0.0 contains a Cross-Site Scripting (XSS) vulnerability in the User Management component, specifically within the index.html file. This allows remote attackers to execute arbitrary web script or HTML via the regip or loginip parameters.

INFO

Published Date :

2026-03-24T00:00:00.000Z

Last Modified :

2026-03-24T18:47:24.865Z

Source :

mitre

AFFECTED PRODUCTS

The following products are affected by CVE-2026-30661 vulnerability.

Vendors	Products
Icms	Icms
Idreamsoft	Icms

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-30661.

URL	Resource
https://wang1rrr.github.io/2026/02/09/CVE-Report-iCMS-v8.0.0-XSS/

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact