GHSA-mr42-h3r5-v8g5Medium

HTML injection vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an...

Published
June 30, 2026
Last Modified
June 30, 2026

🔗 CVE IDs covered (1)

📋 Description

HTML injection vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to send an email containing malicious HTML code to a victim via the contact form. To exploit this vulnerability, the attacker must send a request using the 'nombreApellidos', 'dirección ', and 'comentarios ' parameters to '/processContact.do'.

🔗 References (3)