
Freescout-Help-Desk Freescout vulnerabilities

62 known vulnerabilities affecting freescout-help-desk/freescout.

Total CVEs: 62
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 8, HIGH 24, MEDIUM 28, LOW 2

Vulnerabilities

Page 3 of 4
CVE-2026-32753 | P4 | MEDIUM | CVSS 5.4 | fixed in 1.8.209 | 2026-03-19
[MEDIUM] CWE-80: FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.208 and below, bypasses of the attachment view logic and SVG sanitizer make it possible to upload and render an SVG that runs malicious JavaScript. An extension of .png with content type of image/svg+xml is allowed, and a fallback mechanism on invalid X
Source: NVD

CVE-2026-34443 | P4 | MEDIUM | CVSS 5.3 | fixed in 1.8.211 | 2026-03-31
[MEDIUM] CWE-918: FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, checkIpByMask() in app/Misc/Helper.php checks whether the input IP contains a / character. Plain IP addresses never contain /, so the function always returns false without checking any CIDR ranges. The entire 10.0.0.0/8 and 172.16.0.0/12 priva
Source: NVD

CVE-2026-40565 | P4 | MEDIUM | CVSS 6.1 | fixed in 1.8.213 | 2026-04-21
[MEDIUM] CWE-79: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's linkify() function in app/Misc/Helper.php converts plain-text URLs in email bodies into HTML anchor tags without escaping double-quote characters (") in the URL. HTMLPurifier (called first via getCleanBody()) preserves literal " characters in text nodes
Source: NVD

CVE-2025-48488 | P4 | MEDIUM | CVSS 5.4 | fixed in 1.8.180 | 2025-05-30
[MEDIUM] CWE-79: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, deleting the file .htaccess allows an attacker to upload an HTML file containing malicious JavaScript code to the server, which can result in a Cross-Site Scripting (XSS) vulnerability. This issue has been patched in version 1.8.180.
Source: NVD

CVE-2025-48485 | P4 | MEDIUM | CVSS 5.4 | fixed in 1.8.180 | 2025-05-30
[MEDIUM] CWE-79: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data when an authenticated user updates the profile of an arbitrary customer. This issue has been patched in version 1.8.180.
Source: NVD

CVE-2025-48486 | P4 | MEDIUM | CVSS 5.4 | fixed in 1.8.180 | 2025-05-30
[MEDIUM] CWE-79: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the cross-site scripting (XSS) vulnerability is caused by the lack of input validation and sanitization in both \Session::flash and __, allowing user input to be executed without proper filtering. This issue has been patched in version 1.8.180.
Source: NVD

CVE-2025-48484 | P4 | MEDIUM | CVSS 5.4 | fixed in 1.8.178 | 2025-05-30
[MEDIUM] CWE-79: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.178, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data in the conversation POST data body. This issue has been patched in version 1.8.178.
Source: NVD

CVE-2025-48875 | P4 | MEDIUM | CVSS 5.4 | fixed in 1.8.181 | 2025-05-30
[MEDIUM] CWE-79: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, the system's incorrect validation of last_name and first_name during profile data updates allows for the injection of arbitrary JavaScript code, which will be executed in a flash-message when the data is deleted, potentially leading to a Cross-Site Scripting (XSS)
Source: NVD

CVE-2025-48478 | P4 | MEDIUM | CVSS 4.9 | fixed in 1.8.180 | 2025-05-30
[MEDIUM] CWE-841: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, insufficient input validation during user creation has resulted in a mass assignment vulnerability, allowing an attacker to manipulate all fields of the object, which are enumerated in the $fillable array (the User object), when creating a new user. This issue ha
Source: NVD

CVE-2025-48483 | P4 | MEDIUM | CVSS 5.4 | fixed in 1.8.180 | 2025-05-30
[MEDIUM] CWE-79: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data during mail signature sanitization. An attacker can inject arbitrary HTML code, including JavaScript scripts, into the page pr
Source: NVD

CVE-2026-41194 | P4 | MEDIUM | CVSS 5.4 | fixed in 1.8.215 | 2026-04-21
[MEDIUM] CWE-352: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the mailbox OAuth disconnect action is implemented as `GET /mailbox/oauth-disconnect/{id}/{in_out}/{provider}`. It removes stored OAuth metadata from the mailbox and then redirects. Because it is a GET route, no CSRF token is required and the action can be trigger
Source: NVD

CVE-2026-48811 | P4 | MEDIUM | CVSS 4.3 | fixed in 1.8.221 | 2026-05-29
[MEDIUM] CWE-862: FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, FreeScout allows a non-admin user to permanently delete an internal note (private thread) from any conversation, even after that user's access to the mailbox containing the conversation has been revoked. The ThreadPolicy::delete authorization policy
Source: NVD

CVE-2025-48473 | P4 | MEDIUM | CVSS 4.3 | fixed in 1.8.179 | 2025-05-29
[MEDIUM] CWE-863: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, when creating a conversation from a message in another conversation, there is no check to ensure that the user has the ability to view this message. Thus, the user can view arbitrary messages from other mailboxes or from other conversations to which they do not h
Source: NVD

CVE-2026-40590 | P4 | MEDIUM | CVSS 4.3 | fixed in 1.8.214 | 2026-04-21
[MEDIUM] CWE-639: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the Change Customer modal exposes a "Create a new customer" flow via POST /customers/ajax with action=create. Under limited visibility, the endpoint drops unique-email validation. If the supplied email already belongs to a hidden customer, Customer::create() reus
Source: NVD

CVE-2026-48810 | P4 | MEDIUM | CVSS 4.3 | fixed in 1.8.221 | 2026-05-29
[MEDIUM] CWE-285: FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox membership check was found in the sibling ThreadPolicy::edit method. A user with the PERM_EDIT_CONVERSATIONS permission who created a message or internal
Source: NVD

CVE-2026-40566 | P4 | MEDIUM | CVSS 4.1 | fixed in 1.8.213 | 2026-04-21
[MEDIUM] CWE-918: FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a Server-Side Request Forgery (SSRF) vulnerability in the IMAP/SMTP connection test functionality of FreeScout's `MailboxesController`. Three AJAX actions `fetch_test` (line 731), `send_test` (line 682), and `imap_folders` (line 773) in `app/Http/Controllers
Source: NVD

CVE-2025-48482 | P4 | MEDIUM | CVSS 4.3 | fixed in 1.8.180 | 2025-05-30
[MEDIUM] CWE-841: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, there is a mass assignment vulnerability. The Customer object is updated using the fill() method, which processes fields such as channel and channel_id. However, the fill() method is called with all client-provided data, including unexpected values for channel an
Source: NVD

CVE-2026-41183 | P4 | MEDIUM | CVSS 4.3 | fixed in 1.8.215 | 2026-04-21
[MEDIUM] CWE-200: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the assigned-only restriction is applied to direct conversation view and folder queries, but not to non-folder query builders. Global search and the AJAX filter path still reveal conversations that should be hidden. Version 1.8.215 fixes the vulnerability.
Source: NVD

CVE-2025-48487 | P4 | MEDIUM | CVSS 4.8 | fixed in 1.8.180 | 2025-05-30
[MEDIUM] CWE-79: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, when creating a translation of a phrase that appears in a flash-message after a completed action, it is possible to inject a payload to exploit an XSS vulnerability. This issue has been patched in version 1.8.180.
Source: NVD

CVE-2025-48489 | P4 | MEDIUM | CVSS 4.8 | fixed in 1.8.180 | 2025-05-30
[MEDIUM] CWE-79: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to insufficient data validation and sanitization during data reception. This issue has been patched in version 1.8.180.
Source: NVD