A Cross Site Request Forgery (CSRF) vulnerability exists in iCMS 7.0.16 which can allow an malicious user to execute arbitrary web scripts.
idreamsoft icms 7.0.16