CVE-2025-48485 in freescout
Résumé
par MITRE • 30/05/2025
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data when an authenticated user updates the profile of an arbitrary customer. This issue has been patched in version 1.8.180.
If you want to get best quality of vulnerability data, you may have to visit VulDB.