2 matches found
📄 FreeScout 1.8.206 Remote Code Execution
This Metasploit module exploits an unauthenticated remote code execution vulnerability in FreeScout versions less than or equal to 1.8.206 CVE-2026-28289. The sanitizeUploadedFileName function checks for dot-prefixed filenames before stripping Unicode format characters ZWSP U+200B, allowing...
CVE-2026-28289
creationtimestamp| type| source ---|---|--- 2026-03-04 00:48:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mg72qyudpu2e 2026-03-04 03:00:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116168669779819860 2026-03-04 03:00:30+00:00| seen|...