CVE-2023-35792 in Intella Connect

Summary

by MITRE • 07/31/2023

Vound Intella Connect 2.6.0.3 is vulnerable to stored Cross-site Scripting (XSS).

Analysis

by VulDB Data Team • 01/10/2026

The vulnerability identified as CVE-2023-35792 affects Vound Intella Connect version 2.6.0.3 and represents a critical stored cross-site scripting flaw that enables attackers to inject malicious scripts into the application's data storage. This vulnerability resides within the web application's input validation mechanisms, where user-supplied data is not properly sanitized before being stored and subsequently rendered back to users. The affected system processes user inputs through various interfaces including administrative panels, user registration forms, and data entry points, creating multiple attack vectors for exploitation.

Stored XSS vulnerabilities occur when malicious scripts are permanently stored on the server and executed each time affected users access the compromised data. In the context of Vound Intella Connect, this means that an attacker who can submit malicious content through the application's interface can potentially compromise the sessions of other users who view that content. The vulnerability stems from inadequate output encoding and input validation practices within the application's backend processing logic, allowing attackers to inject JavaScript payloads that execute in the context of other users' browsers. This flaw directly maps to CWE-79, which defines cross-site scripting as the failure to properly escape or encode output data, and aligns with ATT&CK technique T1531, which describes the use of malicious inputs to compromise web applications.

The operational impact of this vulnerability extends beyond simple script execution, as it can enable attackers to perform session hijacking, steal sensitive user credentials, access restricted functionalities, and potentially escalate privileges within the application. Attackers could leverage this vulnerability to establish persistent access to the system, modify user permissions, or exfiltrate confidential data stored within the Intella Connect environment. The stored nature of the vulnerability means that the malicious payload remains active even after the initial injection, allowing attackers to maintain access over extended periods without requiring repeated exploitation attempts. This characteristic significantly increases the attack surface and persistence potential compared to reflected XSS vulnerabilities.

Mitigation strategies for CVE-2023-35792 should prioritize immediate implementation of proper input sanitization and output encoding mechanisms throughout the application's data flow. Organizations should implement comprehensive content security policies, employ strict input validation routines, and ensure all user-supplied data undergoes proper sanitization before storage. The application should utilize context-appropriate encoding techniques such as HTML entity encoding for web content, and implement proper HTTP headers including Content-Security-Policy to limit script execution. Additionally, regular security testing including automated scanning and manual penetration testing should be conducted to identify similar vulnerabilities in other components of the system. The fix should align with industry best practices outlined in OWASP Top Ten and NIST cybersecurity guidelines, emphasizing the importance of defense-in-depth strategies to protect against persistent web application threats.
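
The output encoding and Content-Security-Policy mitigations described above, shown as an added Python example that is not code from Vound or VulDB. The record fields and function names are hypothetical, and the stored values are constructed test data.

```python
import html
import json
import secrets

# Constructed sample of a stored record; the field names are hypothetical
# and do not describe Intella Connect's data model.
STORED = {"author": 'eve" onmouseover="x', "comment": "<script>alert(1)</script>"}

def render_unsafe(rec):
    # The flawed pattern: stored data is concatenated into markup as-is.
    return '<p title="%s">%s</p>' % (rec["author"], rec["comment"])

def js_literal(value):
    # JSON-encode, then escape characters that could close a <script> block.
    out = json.dumps(value)
    for ch in "<>&":
        out = out.replace(ch, "\\u%04x" % ord(ch))
    return out

def render_safe(rec, nonce):
    # HTML entity encoding for element and attribute contexts (quote=True
    # also encodes " and '), and a JS string literal for the script context.
    return (
        '<p title="%s">%s</p>' % (html.escape(rec["author"], quote=True),
                                  html.escape(rec["comment"]))
        + '<script nonce="%s">var author = %s;</script>'
        % (nonce, js_literal(rec["author"]))
    )

def csp_header(nonce):
    # Only scripts carrying this per-response nonce may run; injected
    # <script> tags and inline event handlers are refused by the browser.
    return ("Content-Security-Policy",
            "default-src 'self'; script-src 'nonce-%s'; "
            "object-src 'none'; base-uri 'none'" % nonce)

def respond(rec):
    # A fresh nonce per response, shared by the header and the page's own script.
    nonce = secrets.token_urlsafe(16)
    return [csp_header(nonce)], render_safe(rec, nonce)

if __name__ == "__main__":
    headers, body = respond(STORED)
    print(headers[0])
    print(body)
```

Encoding happens at render time and per output context, so data already stored before the fix is neutralized as well; the CSP header is a second layer for any place where encoding was missed.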

Responsible

MITRE

Reservation

06/16/2023

Disclosure

07/31/2023

Moderation

accepted

CPE

ready

EPSS

0.00295

KEV

no

Activities

very low

Sources
