3 matches found
EUVD-2025-28233
Malicious code in bioql PyPI...
CVE-2025-48482 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, there is a mass assignment vulnerability. The Customer object is updated using the fill method, which processes fields such as channel and channelid. However, the fill method is called with all client-provided...
CVE-2025-48477
CVE-2025-48477 | FreeScout suffers a business logic error prior to version 1.8.180: the app allows access to a functional capability without completing the required action sequence, leaving the Mailbox object’s attributes changable via the fill method. The issue is patched in 1.8.180. Affected so...