CVE-2026-30661 identifies a Cross-Site Scripting (XSS) vulnerability in the iCMS content management system, version 8.0.0. The vulnerability resides in the User Management component, specifically within the index.html file, where the regip and loginip parameters are not properly sanitized. This lack of input validation allows remote attackers to inject arbitrary JavaScript or HTML code, which executes in the context of the victim's browser. Such XSS attacks can lead to session hijacking, credential theft, unauthorized actions on behalf of users, or redirection to malicious sites. The vulnerability does not require authentication, increasing its risk profile. Although no public exploits are currently known, the presence of this flaw in a widely used CMS component makes it a potential target for attackers. The absence of a CVSS score indicates the need for manual severity assessment. The vulnerability's exploitation scope includes any web application running iCMS 8.0.0 with the vulnerable User Management interface exposed. The lack of patches or mitigation guidance in the provided data suggests that organizations must implement immediate input validation and output encoding controls to reduce risk until official fixes are released.

The exploitation of this XSS vulnerability can compromise the confidentiality and integrity of user data by enabling attackers to steal session cookies, impersonate users, or manipulate web content. This can lead to unauthorized access to user accounts, data leakage, and potential further exploitation within the affected system. Additionally, successful attacks can damage organizational reputation and trust, especially if customer-facing portals are affected. The availability impact is generally low for XSS but could be indirectly affected if attackers use the vulnerability to inject disruptive scripts. Since no authentication is required, the attack surface is broad, increasing the likelihood of exploitation. Organizations relying on iCMS 8.0.0 for critical web services may face significant operational and security risks if this vulnerability is exploited.

Organizations should immediately implement strict input validation and output encoding on the regip and loginip parameters within the User Management component to prevent script injection. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts. Monitor web traffic for suspicious requests targeting these parameters. Restrict access to the User Management interface to trusted IPs or authenticated users where possible. Stay alert for official patches or updates from iCMS vendors and apply them promptly once available. Conduct regular security assessments and penetration testing focusing on XSS vulnerabilities. Educate developers on secure coding practices to prevent similar issues in future releases. Consider deploying Web Application Firewalls (WAFs) with rules to detect and block XSS payloads targeting these parameters.