CVE-2026-6953: CWE-79 Improper neutralization of input during web page generation ('cross-site scripting') in Intermark IT WebControl CMS
CVE-2026-6953 is a medium severity HTML injection vulnerability in Intermark IT's WebControl CMS version 3.5. The flaw allows an attacker to inject malicious HTML code via the contact form parameters 'nombreApellidos', 'dirección ', and 'comentarios ' sent to the '/processContact.do' endpoint. Exploitation requires sending a crafted request to this endpoint, potentially resulting in cross-site scripting (CWE-79). No patch or official remediation guidance is currently available.
AI Analysis
Technical Summary
This vulnerability in Intermark IT WebControl CMS v3.5 is caused by improper neutralization of input during web page generation, specifically in the contact form processing at '/processContact.do'. An attacker can exploit this by submitting malicious HTML code through the 'nombreApellidos', 'dirección ', and 'comentarios ' parameters, leading to HTML injection that may execute in the victim's browser. The CVSS 4.0 base score is 5.1, reflecting a medium severity with network attack vector, low attack complexity, no privileges required, and requiring user interaction. No official fix or patch has been documented as of the publication date.
Potential Impact
Successful exploitation allows an attacker to inject malicious HTML content into emails sent via the contact form, potentially leading to cross-site scripting attacks against recipients. This can result in execution of arbitrary scripts in the context of the victim's browser, which may lead to session hijacking, phishing, or other malicious activities. However, the attack requires user interaction (the victim to receive and interact with the crafted email).
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should exercise caution when interacting with emails originating from the contact form of affected WebControl CMS instances. Implementing input validation and output encoding on the affected parameters may reduce risk, but official remediation should be prioritized once available.
CVE-2026-6953: CWE-79 Improper neutralization of input during web page generation ('cross-site scripting') in Intermark IT WebControl CMS
Description
CVE-2026-6953 is a medium severity HTML injection vulnerability in Intermark IT's WebControl CMS version 3.5. The flaw allows an attacker to inject malicious HTML code via the contact form parameters 'nombreApellidos', 'dirección ', and 'comentarios ' sent to the '/processContact.do' endpoint. Exploitation requires sending a crafted request to this endpoint, potentially resulting in cross-site scripting (CWE-79). No patch or official remediation guidance is currently available.
CVSS v4.0
Score 5.1medium
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in Intermark IT WebControl CMS v3.5 is caused by improper neutralization of input during web page generation, specifically in the contact form processing at '/processContact.do'. An attacker can exploit this by submitting malicious HTML code through the 'nombreApellidos', 'dirección ', and 'comentarios ' parameters, leading to HTML injection that may execute in the victim's browser. The CVSS 4.0 base score is 5.1, reflecting a medium severity with network attack vector, low attack complexity, no privileges required, and requiring user interaction. No official fix or patch has been documented as of the publication date.
Potential Impact
Successful exploitation allows an attacker to inject malicious HTML content into emails sent via the contact form, potentially leading to cross-site scripting attacks against recipients. This can result in execution of arbitrary scripts in the context of the victim's browser, which may lead to session hijacking, phishing, or other malicious activities. However, the attack requires user interaction (the victim to receive and interact with the crafted email).
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should exercise caution when interacting with emails originating from the contact form of affected WebControl CMS instances. Implementing input validation and output encoding on the affected parameters may reduce risk, but official remediation should be prioritized once available.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- INCIBE
- Date Reserved
- 2026-04-24T11:24:36.307Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a4391c127e9c79719866460
Added to database: 06/30/2026, 09:52:01 UTC
Last enriched: 06/30/2026, 10:06:42 UTC
Last updated: 06/30/2026, 10:49:02 UTC
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.