Platform
php
Component
mailinspector
Fixed in
5.3.3
CVE-2026-3610 describes a cross-site scripting (XSS) vulnerability in HSC Cybersecurity Mailinspector versions 5.3.2-3 through 5.4.0. The flaw allows attackers to inject malicious scripts, potentially leading to session hijacking or defacement. The vulnerability resides in the /mailinspector/mliUserValidation.php file, specifically in the handling of the error_description argument. A fix is available in version 5.4.0.
Successful exploitation of CVE-2026-3610 enables an attacker to execute arbitrary JavaScript code within the context of a victim's browser session. This can lead to various malicious outcomes, including the theft of session cookies, redirection to phishing websites, and the modification of displayed content. The remote nature of the vulnerability means an attacker does not need local access to exploit it. Given the public availability of the exploit, the risk of immediate exploitation is elevated. The impact extends to any user interacting with Mailinspector within the affected version range.
CVE-2026-3610 is a publicly disclosed vulnerability with a known proof-of-concept. The exploit's public availability significantly increases the likelihood of exploitation. The CVSS score of 4.3 (Medium) reflects the potential impact and ease of exploitation. It was published on 2026-03-06. No KEV listing is currently available.
Organizations utilizing Mailinspector for email security and management, particularly those running versions 5.3.2-3 through 5.4.0, are at risk. Shared hosting environments where multiple users share the same Mailinspector instance are especially vulnerable, as an attacker could potentially compromise other users' sessions.
• generic web: Use curl to test the /mailinspector/mliUserValidation.php endpoint with a crafted payload containing <script>alert('XSS')</script> in the error_description parameter. Check the response for the alert box.
curl 'http://your-mailinspector-instance/mailinspector/mliUserValidation.php?error_description=<script>alert("XSS")</script>' -s
• generic web: Examine access and error logs for requests to /mailinspector/mliUserValidation.php containing suspicious characters or script tags in the error_description parameter.
• php: Review the source code of /mailinspector/mliUserValidation.php for inadequate input sanitization of the error_description variable.
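As an added example (not code from this advisory or from the vendor), a small Python scanner that implements the log-review step above: it parses combined-format access log lines, URL-decodes the error_description parameter repeatedly so double-encoded payloads are still caught, and flags only requests to the affected endpoint. The log lines and the marker list are constructed assumptions for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request part of an Apache/nginx combined log line: "METHOD TARGET HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
TARGET_PATH = "/mailinspector/mliUserValidation.php"
# Coarse markers that should never appear in a plain error description
# (assumed heuristic; tune for your environment).
SUSPICIOUS = re.compile(r"<\s*/?\s*script|javascript:|\bon\w+\s*=|<\s*(img|svg|iframe)", re.I)

def decode_fully(value, rounds=3):
    """Percent-decode repeatedly so double-encoded payloads become visible."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def flag_line(line):
    """Return the decoded error_description if this line is a suspicious
    request to the affected endpoint, otherwise None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if parts.path != TARGET_PATH:
        return None
    # keep_blank_values so an empty parameter is not silently dropped
    for value in parse_qs(parts.query, keep_blank_values=True).get("error_description", []):
        decoded = decode_fully(value)
        if SUSPICIOUS.search(decoded):
            return decoded
    return None

def scan(lines):
    """Return (line number, decoded payload) for every flagged line."""
    return [(i, hit) for i, line in enumerate(lines, 1) if (hit := flag_line(line))]

# Constructed sample log lines; not taken from any real Mailinspector deployment.
SAMPLE_LOG = [
    '10.0.0.5 - - [06/Mar/2026:10:00:01 +0000] "GET /mailinspector/mliUserValidation.php?error_description=invalid%20token HTTP/1.1" 200 512',
    '10.0.0.7 - - [06/Mar/2026:10:00:02 +0000] "GET /mailinspector/mliUserValidation.php?error_description=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 640',
    '10.0.0.8 - - [06/Mar/2026:10:00:03 +0000] "GET /mailinspector/mliUserValidation.php?error_description=%253Cimg%2520src%3Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 200 640',
    '10.0.0.9 - - [06/Mar/2026:10:00:04 +0000] "GET /mailinspector/index.php?error_description=%3Cscript%3E HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for lineno, payload in scan(SAMPLE_LOG):
        print(f"line {lineno}: suspicious error_description -> {payload!r}")
```

The third sample is double-encoded and the fourth targets a different path, which shows why the decoder loops and the path check is exact rather than a substring match.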
disclosure
Exploit status
EPSS
0.03% (9th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-3610 is to upgrade Mailinspector to version 5.4.0 or later, which contains the fix. If immediate upgrading is not possible, consider implementing input validation and sanitization on the error_description parameter to prevent malicious script injection. Web application firewalls (WAFs) configured to detect and block XSS payloads can provide an additional layer of defense. After upgrading, confirm the vulnerability is resolved by attempting to inject a simple script (e.g., <script>alert('XSS')</script>) through the affected parameter and verifying that the script does not execute.
Update Mailinspector to version 5.4.0 or later. This version contains the fix for the cross-site scripting vulnerability. If you cannot update immediately, contact the vendor to obtain the hotfix.
CVE-2026-3610 is a cross-site scripting (XSS) vulnerability affecting Mailinspector versions 5.3.2-3 through 5.4.0, allowing attackers to inject malicious scripts.
You are affected if you are using Mailinspector versions 5.3.2-3 through 5.4.0. Upgrade to 5.4.0 to resolve the issue.
Upgrade Mailinspector to version 5.4.0 or later. Implement input validation as a temporary workaround if upgrading is not immediately possible.
Due to the public availability of a proof-of-concept, CVE-2026-3610 is likely being actively exploited.
Refer to the vendor's advisory, which was provided promptly upon contact and details the fix implemented in version 5.4.0.