CVE-2026-6954

Cross-Site Scripting XSS vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to execute JavaScript code or inject a dynamic iframe into the victim’s browser by sending a malicious URL via the 'urlDestino' parameter in '/portal.do'. This vulnerability can be...

CVE-2026-6954 Multiple vulnerabilities in Intermark IT's WebControl CMS

Cross-Site Scripting XSS vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to execute JavaScript code or inject a dynamic iframe into the victim’s browser by sending a malicious URL via the 'urlDestino' parameter in '/portal.do'. This vulnerability can be...

CVE-2026-6954

Cross-Site Scripting XSS vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to execute JavaScript code or inject a dynamic iframe into the victim’s browser by sending a malicious URL via the 'urlDestino' parameter in '/portal.do'. This vulnerability can be...

CVE-2026-6954

CVE-2026-6954 describes a Cross-Site Scripting (XSS) vulnerability in Intermark IT's WebControl CMS v3.5. The issue enables an attacker to execute JavaScript or inject a dynamic iframe in a victim’s browser by sending a malicious URL via the ‘urlDestino’ parameter in /portal.do, potentially expos...