CVE-2025-48485 in freescoutinformation

Résumé

par MITRE • 30/05/2025

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data when an authenticated user updates the profile of an arbitrary customer. This issue has been patched in version 1.8.180.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsable

GitHub M

Réserver

22/05/2025

Divulgation

30/05/2025

Modérer

accepté

Entrée

VDB-310635

CPE

prêt

EPSS

0.00215

KEV

non

Activités

très faible

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!