XSS in Intermark It Webcontrol Cms

CVE-2026-6953

HTML injection vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to send an email containing malicious HTML code to a victim via the contact form. To exploit this vulnerability, the attacker must se…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (27.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References