CVE-2025-48486 in freescoutinformation

Résumé

par MITRE • 30/05/2025

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the cross-site scripiting (XSS) vulnerability is caused by the lack of input validation and sanitization in both \Session::flash and __, allowing user input to be executed without proper filtering. This issue has been patched in version 1.8.180.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsable

GitHub M

Réserver

22/05/2025

Divulgation

30/05/2025

Modérer

accepté

Entrée

VDB-310633

CPE

prêt

EPSS

0.00216

KEV

non

Activités

très faible

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!