CVE-2026-3610 | HSC Cybersecurity Mailinspector up to 5.3.2-3 URL mliUserValidation.php error_description cross site scripting

A vulnerability, which was classified as problematic, was found in HSC Cybersecurity Mailinspector up to 5.3.2-3. Affected by this issue is some unknown functionality of the file /mailinspector/mliUserValidation.php of the component URL Handler. The manipulation of the argument error_description results in cross site scripting.

This vulnerability was named CVE-2026-3610. The attack may be performed from remote. In addition, an exploit is available.

You should upgrade the affected component.

The vendor was contacted early and responded very professional: “We have already implemented the fix and made a hotfix available to affected customers, ensuring mitigation while the official release 5.4.0 has not yet been published. This allows customers to address the issue immediately, outside the regular release cycle.”

CVE-2026-3610 | HSC Cybersecurity Mailinspector up to 5.3.2-3 URL mliUserValidation.php error_description cross site scripting

Post correlati

CVE-2025-5367 | PHPGurukul Online Shopping Portal Project 1.0 /category.php Product sql injection

CVE-2024-0333 | Google Chrome prior 120.0.6099.216 Extensions input validation

CVE-2024-4956 | Sonatype Nexus Repository up to 3.68.0 path traversal

CVE-2024-5565 | Vanna Library Ask API injection (jfsa-2024-0010)