Description
A vulnerability was found in HSC Cybersecurity Mailinspector up to 5.3.2-3. Affected by this issue is some unknown functionality of the file /mailinspector/mliUserValidation.php of the component URL Handler. The manipulation of the argument error_description results in cross-site scripting. The attack may be performed from remote. The exploit has been made public and could be used. Upgrading to version 5.4.0 can resolve this issue. You should upgrade the affected component. The vendor was contacted early and responded very professionally: "We have already implemented the fix and made a hotfix available to affected customers, ensuring mitigation while the official release 5.4.0 has not yet been published. This allows customers to address the issue immediately, outside the regular release cycle."
Published: 2026-03-06
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Cross‑Site Scripting (remote)
Action: Immediate Patch
AI Analysis

Impact

A remote cross‑site scripting vulnerability exists in the URL Handler component of HSC Cybersecurity Mailinspector, specifically in the /mailinspector/mliUserValidation.php file. The flaw is triggered by manipulating the error_description argument, causing the application to render untrusted data as script. This weakness corresponds to CWE‑79 and CWE‑94. An attacker who supplies a crafted error_description value can inject arbitrary JavaScript that will execute in the context of any authenticated user who views the page, enabling theft of session cookies, defacement, or unauthorized actions.

Affected Systems

HSC Cybersecurity Mailinspector versions up to and including 5.3.2-3 are affected. The vulnerability is present in the component that handles URLs through mliUserValidation.php and does not appear in newer releases beginning with 5.4.0.

Risk and Exploitability

The CVSS score for this issue is 5.3, indicating moderate severity. The EPSS score is less than 1%, suggesting a low probability of widespread exploitation at present, and the vulnerability has not been listed in the CISA KEV catalog. Exploitation requires the attacker to supply a malicious error_description value, typically via a crafted URL or form submission that is delivered to a susceptible user. Since the attack can be performed from remote and the exploit code has been made public, defenders should treat this as a potential risk for targeted phishing or compromised email content. No authentication is required: the script executes for any user who is led to request the vulnerable component with the crafted error_description value.

Generated by OpenCVE AI on April 16, 2026 at 11:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to HSC Cybersecurity Mailinspector version 5.4.0 or apply the vendor‑supplied hotfix that sanitizes the error_description parameter
  • If a patch has not yet been applied, disable the URL Handler feature in the application configuration to prevent the vulnerable endpoint from being exposed
  • Implement server‑side input validation or filtering for the error_description argument, ensuring that only expected characters are accepted before rendering
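As an added illustration (not code from Mailinspector or HSC Cybersecurity, whose handler is not shown on this page), the following generic PHP fragment shows the pattern the last recommendation describes: a page that reflects a query parameter named error_description, first in the unsafe form that produces a reflected cross-site scripting issue, then with allowlist validation, output encoding and a restrictive Content-Security-Policy. The function names, the allowlist regular expression and the 200-byte limit are assumptions chosen for the example.

```php
<?php
declare(strict_types=1);

// Added illustration, not Mailinspector code: a generic page that reflects a
// query parameter named error_description into its HTML response.

// Unsafe pattern, shown for contrast only: the raw parameter is concatenated
// into markup, so any HTML or script in the value is interpreted by the browser.
function render_error_unsafe(string $raw): string
{
    return '<p class="error">' . $raw . '</p>';
}

// Hardened pattern: validate on the way in, encode on the way out.
// Both limits are assumptions; match them to the messages your application emits.
const ERROR_DESCRIPTION_MAX_LEN = 200;
const ERROR_DESCRIPTION_ALLOWED = '/\A[\p{L}\p{N} .,:;()\'"_-]*\z/u';

function validate_error_description(?string $raw): string
{
    if ($raw === null) {
        return '';
    }
    // Reject overlong values and anything outside the allowlist, and fall back
    // to a neutral message instead of reflecting the rejected input.
    if (strlen($raw) > ERROR_DESCRIPTION_MAX_LEN
        || preg_match(ERROR_DESCRIPTION_ALLOWED, $raw) !== 1) {
        return 'An error occurred.';
    }
    return $raw;
}

function render_error_safe(?string $raw): string
{
    $text = validate_error_description($raw);
    // Context-aware encoding for an HTML text node: < > & " ' become entities,
    // so the browser treats the value as text even if validation is loosened later.
    $encoded = htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<p class="error">' . $encoded . '</p>';
}

// Defence in depth: a policy without 'unsafe-inline' blocks inline script even
// if a reflection slips through elsewhere. Must be sent before any output.
function send_security_headers(): void
{
    header("Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'");
    header('X-Content-Type-Options: nosniff');
}

if (PHP_SAPI !== 'cli') {
    // Web entry point: encode the parameter before it reaches the page.
    send_security_headers();
    echo render_error_safe($_GET['error_description'] ?? null);
} else {
    // Constructed sample inputs for local inspection: a plain message, a value
    // containing quotes that passes validation and is entity-encoded, a value
    // containing tags that fails validation, and an overlong value.
    $samples = ['Invalid token', 'Can\'t validate "user"', '<b>bold</b>', str_repeat('a', 300)];
    foreach ($samples as $sample) {
        echo render_error_safe($sample), PHP_EOL;
    }
}
```

Validation and encoding are deliberately separate steps: the allowlist keeps unexpected input out of the page at all, while htmlspecialchars guarantees that whatever does reach the template is rendered as text, so a later relaxation of the allowlist does not reintroduce the injection.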

Advisories

No advisories yet.

History

Mon, 09 Mar 2026 16:15:00 +0000

Values added (none removed):
Metrics: ssvc
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 06 Mar 2026 15:30:00 +0000

Values added (none removed):
First Time appeared: Hsc Cybersecurity; Hsc Cybersecurity mailinspector
Vendors & Products: Hsc Cybersecurity; Hsc Cybersecurity mailinspector

Fri, 06 Mar 2026 01:00:00 +0000

Values added (none removed):
Description: A vulnerability was found in HSC Cybersecurity Mailinspector up to 5.3.2-3. Affected by this issue is some unknown functionality of the file /mailinspector/mliUserValidation.php of the component URL Handler. The manipulation of the argument error_description results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used. Upgrading to version 5.4.0 can resolve this issue. You should upgrade the affected component. The vendor was contacted early and responded very professional: "We have already implemented the fix and made a hotfix available to affected customers, ensuring mitigation while the official release 5.4.0 has not yet been published. This allows customers to address the issue immediately, outside the regular release cycle."
Title: HSC Cybersecurity Mailinspector URL mliUserValidation.php cross site scripting
Weaknesses: CWE-79; CWE-94
References:
Metrics:
cvssV2_0 {'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C'}
cvssV3_0 {'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C'}
cvssV3_1 {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C'}
cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-09T15:32:31.587Z

Reserved: 2026-03-05T18:05:38.127Z

Link: CVE-2026-3610

Vulnrichment

Updated: 2026-03-09T15:32:27.973Z

NVD

Status : Awaiting Analysis

Published: 2026-03-06T01:15:53.913

Modified: 2026-03-09T13:36:08.413

Link: CVE-2026-3610

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T12:00:11Z

Weaknesses