Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/06/01 10:3 p.m.13 views

CVE-2026-48810

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox membership check was found in the sibling ThreadPolicy::edit method. A user with the...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 8:16 p.m.13 views

CVE-2026-48811

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, FreeScout allows a non-admin user to permanently delete an internal note private thread from any conversation, even after that user's access to the mailbox containing the conversation has been...

4.3CVSS0.00155EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 7:48 p.m.27 views

CVE-2026-48810

FreeScout (Laravel PHP) contains a vulnerability where ThreadPolicy::edit allows a user with PERM_EDIT_CONVERSATIONS who created a message in Mailbox A to rewrite the thread after being removed from the mailbox, due to a missing mailbox membership check (the same issue observed in ThreadPolicy::d...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 7:48 p.m.9 views

CVE-2026-48810 FreeScout: Thread Edit Authorization Bypass via Missing Mailbox Check

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox membership check was found in the sibling ThreadPolicy::edit method. A user with the...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 7:48 p.m.13 views

EUVD-2026-33438

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox membership check was found in the sibling ThreadPolicy::edit method. A user with the...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 7:48 p.m.8 views

CVE-2026-48810

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox membership check was found in the sibling ThreadPolicy::edit method. A user with the...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/29 7:48 p.m.35 views

CVE-2026-48810 FreeScout: Thread Edit Authorization Bypass via Missing Mailbox Check

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox membership check was found in the sibling ThreadPolicy::edit method. A user with the...

4.3CVSS0.00155EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.11 views

PT-2026-44995

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox membership check was found in the sibling ThreadPolicy::edit method. A user with the PERM EDIT...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References2
Rows per page
Query Builder