NVD Vulnerability Detail
Search Exploit, PoC
CVE-2026-6953
Summary

HTML injection vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to send an email containing malicious HTML code to a victim via the contact form. To exploit this vulnerability, the attacker must send a request using the 'nombreApellidos', 'dirección ', and 'comentarios ' parameters to '/processContact.do'.

Publication Date June 30, 2026, 7:16 p.m.
Registration Date July 1, 2026, 4:23 a.m.
Last Update June 30, 2026, 11:14 p.m.
Related information, measures and tools
Common Vulnerabilities List