CVE-2025-48486 in freescout
Résumé
par MITRE • 30/05/2025
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the cross-site scripiting (XSS) vulnerability is caused by the lack of input validation and sanitization in both \Session::flash and __, allowing user input to be executed without proper filtering. This issue has been patched in version 1.8.180.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.