An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 up to and including 5.2.18 allows a remote malicious user to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component.