CVEFinder.io

CVE-2026-29965

🔶 medium
🔍 Scan for this CVE
Summary

HSC MailInspector 5.3.3-7 is vulnerable to Cross Site Scripting (XSS) in the /police/WarningUrlPage.php endpoint due to improper neutralization of user-supplied input that uses alternate or obfuscated JavaScript syntax.

CVSS Score
6.1
Medium
EPSS Score
0.0
Exploit Probability
Published Date
2026-05-18
First Seen: 2026-05-19
📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 39.0% of all 321,566 vulnerabilities in our database.

#196,174
Below average severity
Severity Percentile
🎯 CISA SSVC Assessment Updated: May 18, 2026
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
NO
Requires human interaction
💥 Technical Impact
Partial
Limited system impact
SSVC data provided by CISA
Last Modified 2026-05-19
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE IDs (Weakness Types)
CWE-79

📦 Affected Products 1

Vendor Product Status Affected Versions
hsclabs mailinspector Affected
v5.3.3-7

🔗 References 3

https://github.com/sql3t0/cve-disclosures
Third Party Advisory
https://github.com/sql3t0/cve-disclosures/blob/main/...
Third Party Advisory
https://hsclabs.com/pt-br/mailinspector/
Product

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-29962 ⚠️ high 7.5 0.1 HSC MailInspector v5.3.3-7 contains a Local File Inclusion (LFI) vulnerability caused by improper control of user-suppli... 2026-05-18
CVE-2026-29963 ⚠️ high 7.5 0.1 HSC MailInspector 5.3.3-7 has a Path Traversal vulnerability due to improper validation of user-supplied input in the /t... 2026-05-18
CVE-2026-29964 🔶 medium 6.1 0.0 HSC MailInspector v5.3.3-7 contains a Cross-Site Scripting (XSS) vulnerability in the /tap/tap.php endpoint due to impro... 2026-05-18
CVE-2024-32369 🔶 medium 4.3 2.0 SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to ob... 2024-05-07
CVE-2024-32370 ⛔ critical 9.8 3.5 An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive info... 2024-05-07
CVE-2024-32371 ⚠️ high 7.5 0.7 An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a regular user account to escalate their p... 2024-05-07
These CVEs affect the same products