CVE-2026-3610
Cross-Site Scripting in HSC Mailinspector URL Handler

Publication date: 2026-03-06

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in HSC Cybersecurity Mailinspector up to 5.3.2-3. Affected by this issue is some unknown functionality of the file /mailinspector/mliUserValidation.php of the component URL Handler. The manipulation of the argument error_description results in cross-site scripting. The attack may be performed from remote. The exploit has been made public and could be used. Upgrading to version 5.4.0 can resolve this issue. You should upgrade the affected component. The vendor was contacted early and responded very professionally: "We have already implemented the fix and made a hotfix available to affected customers, ensuring mitigation while the official release 5.4.0 has not yet been published. This allows customers to address the issue immediately, outside the regular release cycle."
Meta Information
Published: 2026-03-06
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2026-03-06
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs

Vendor             Product        Version / Range
hsc_cybersecurity  mailinspector  up to 5.4.0 (excluding)
hsc_cybersecurity  mailinspector  5.4.0
CWE
CWE ID   Description
CWE-79   The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94   The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-3610 is a reflected Cross-Site Scripting (XSS) vulnerability found in HSC Cybersecurity Mailinspector versions up to 5.3.2-3. It exists in the URL handler component within the file /mailinspector/mliUserValidation.php, specifically in the argument error_description.

The vulnerability arises because the error_description parameter is not properly sanitized or validated, allowing an attacker to inject arbitrary JavaScript code that is reflected back in the web page.

This flaw can be exploited remotely without requiring authentication by tricking a user into accessing a specially crafted URL, leading to execution of malicious scripts in the victim's browser.

The vendor has released a hotfix and an official update (version 5.4.0) to fix this issue. [1, 3]


How can this vulnerability impact me?

This vulnerability can impact you by allowing attackers to execute malicious scripts in your browser when you visit a crafted URL. This can lead to several security issues including:

  • Session hijacking, where attackers steal your session tokens to impersonate you.
  • Malicious redirection to harmful websites.
  • Unauthorized actions performed on your behalf within the affected application.

Because the attack does not require authentication, it broadens the attack surface and increases the risk of exploitation.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by identifying access attempts to the vulnerable endpoint /mailinspector/mliUserValidation.php with the error_description parameter manipulated.

One method to detect vulnerable targets is by using Google dorking with the query: inurl:mailinspector/mliUserValidation.php

On your system or network, you can monitor HTTP GET requests to the mliUserValidation.php endpoint and look for suspicious or unusual values in the error_description parameter that may indicate an attempted cross-site scripting attack.

  • Use web server logs to grep for requests to mliUserValidation.php, for example: grep 'mliUserValidation.php' /var/log/apache2/access.log
  • Look for suspicious error_description parameter values in logs: grep 'error_description=' /var/log/apache2/access.log
  • Use network monitoring tools or intrusion detection systems to alert on HTTP requests containing the vulnerable parameter. [1, 3]
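The grep commands above only find requests that name the parameter; deciding which of them look like injection attempts still takes a decoding step. The following Python script is an added example (not code from the advisory, VulDB or HSC) showing that step: it parses Apache combined-format access-log lines, keeps only requests to the affected endpoint, percent-decodes the error_description value a second time so double-encoded input is inspected in its final form, and flags values carrying HTML or script indicators. The log lines, addresses and the indicator regex are constructed for illustration; the regex is a simple teaching signature, not a complete XSS detector.

```python
"""Scan Apache access-log lines for requests to the Mailinspector endpoint
named in CVE-2026-3610 and report error_description values that look like
HTML or script injection.  Added example with constructed log lines; not
code from the advisory or the vendor."""
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

VULN_PATH = "/mailinspector/mliUserValidation.php"
PARAM = "error_description"

# Apache "combined" log line:
# client ident user [time] "METHOD target HTTP/x" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Simple indicators of an HTML/JS context breakout, checked after decoding.
SUSPICIOUS = re.compile(r'<[a-zA-Z/!]|javascript:|\bon[a-z]+\s*=', re.IGNORECASE)


def extract_param(target):
    """Return the decoded error_description value for requests to VULN_PATH,
    or None when the request is for another path or lacks the parameter."""
    parts = urlsplit(target)
    if parts.path != VULN_PATH:
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get(PARAM)
    if not values:
        return None
    # parse_qs already decoded once; decode again so a double-encoded value
    # (e.g. %253C -> %3C -> <) is inspected in its final form.
    return unquote_plus(values[0])


def scan(lines):
    """Return one finding per log line whose error_description looks hostile."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        value = extract_param(m.group("target"))
        if value is None or not SUSPICIOUS.search(value):
            continue
        findings.append({
            "client": m.group("client"),
            "time": m.group("time"),
            "status": m.group("status"),
            "value": value,
        })
    return findings


# Constructed sample traffic (addresses from the TEST-NET-3 documentation range).
SAMPLE_LOG = [
    '203.0.113.7 - - [06/Mar/2026:10:15:02 +0000] "GET /mailinspector/mliUserValidation.php?error_description=Invalid+token+supplied HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [06/Mar/2026:10:16:44 +0000] "GET /mailinspector/mliUserValidation.php?error_description=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 540 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [06/Mar/2026:10:17:01 +0000] "GET /mailinspector/mliUserValidation.php?error_description=%253Cscript%253E HTTP/1.1" 200 530 "-" "Mozilla/5.0"',
    '203.0.113.12 - - [06/Mar/2026:10:18:30 +0000] "GET /mailinspector/index.php?error_description=%3Cb%3E HTTP/1.1" 200 700 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['time']} {f['client']} status={f['status']} value={f['value']!r}")
```

Run against a real log with `scan(open("/var/log/apache2/access.log"))`; the findings are plain dictionaries so they can be forwarded to a SIEM as-is. The HTTP status is kept in each finding because a 200 on a reflected payload means the server rendered it, whereas a 403 indicates a WAF already intervened.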


What immediate steps should I take to mitigate this vulnerability?

The immediate and recommended mitigation step is to upgrade HSC Cybersecurity Mailinspector to version 5.4.0 or later, which contains the official fix for this vulnerability.

If upgrading immediately is not possible, apply the vendor-provided hotfix that was made available to affected customers prior to the official release.

Additionally, consider implementing web application firewall (WAF) rules to block or sanitize requests containing suspicious input in the error_description parameter to reduce the risk of exploitation.
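The advisory does not show Mailinspector's code, so the following is an added Python illustration (not the vendor's implementation) of the CWE-79 pattern this CVE belongs to and of the fix that upgrading delivers: a hypothetical handler that reflects error_description into an HTML error page, first verbatim and then with context-aware HTML encoding. The template, function names and sample query strings are assumptions made for the example.

```python
"""Minimal illustration of the CWE-79 pattern behind CVE-2026-3610 and its
fix: reflecting a query parameter into HTML.  Hypothetical code, not taken
from Mailinspector; the vulnerable variant exists only for contrast."""
import html
from urllib.parse import parse_qs

# Hypothetical error page template; {msg} sits in an HTML text-node context.
TEMPLATE = '<html><body><p class="error">{msg}</p></body></html>'


def _error_description(query_string):
    """Pull error_description out of a raw query string ('' if absent)."""
    return parse_qs(query_string, keep_blank_values=True).get("error_description", [""])[0]


def render_vulnerable(query_string):
    """Reflects the parameter verbatim: markup in the value becomes part of
    the page (CWE-79).  Kept only to contrast with the fixed version."""
    return TEMPLATE.format(msg=_error_description(query_string))


def render_hardened(query_string):
    """Encodes for the HTML text-node context before interpolation.  quote=True
    also neutralises quotes, so the same helper is safe in attribute values."""
    return TEMPLATE.format(msg=html.escape(_error_description(query_string), quote=True))


def reflects_markup(page, marker="<script"):
    """True when the rendered page still contains the unencoded marker."""
    return marker in page.lower()


if __name__ == "__main__":
    q = "error_description=%3Cscript%3Ealert(1)%3C%2Fscript%3E"
    print("vulnerable reflects markup:", reflects_markup(render_vulnerable(q)))
    print("hardened reflects markup:  ", reflects_markup(render_hardened(q)))
    print(render_hardened(q))
```

Output encoding at the point of interpolation is the actual fix; a WAF rule on error_description, as suggested above, is defence in depth that narrows the window until the upgrade or hotfix is applied, and should be tuned so that legitimate error texts containing quotes or ampersands are not blocked.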

