2 matches found
PT-2025-64: Stored Cross-site scripting in FreeScout
The vulnerability was identified in FreeScout , versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to store malicious HTML/JavaScript scripts that is later executed in other users’ browsers due to insufficient input validation and sanitization. Vulnerability status:...
PT-2025-43: Deserialization of untrusted data in FreeScout
The vulnerability was identified in FreeScout, versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to execute arbitrary code on the server because the application performs insufficient validation of user‑supplied data during deserialization. Vulnerability status:...