Medium severity6.1OSV Advisory· Published Oct 24, 2018· Updated Jun 17, 2026
CVE-2018-18635
CVE-2018-18635
Description
www/guis/admin/application/controllers/UserController.php in the administration login interface in MailCleaner CE 2018.08 and 2018.09 allows XSS via the admin/login/user/message/ PATH_INFO.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 2018.08, 2018.09
Patches
Vulnerability mechanics
References
2- github.com/MailCleaner/MailCleaner/commit/5f90a52785672fc688c1f85e472e84b8a0d008d8nvdPatchThird Party Advisory
- github.com/MailCleaner/MailCleaner/issues/53nvdExploitPatchThird Party Advisory
News mentions
0No linked articles in our index yet.