CVE-2026-32753 FreeScout: Stored XSS through SVG file upload with filter bypass

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.208 and below, bypasses of the attachment view logic and SVG sanitizer make it possible to upload and render an SVG that runs malicious JavaScript. An extension of .png with content type of...

PT-2026-26374

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.208 and below, bypasses of the attachment view logic and SVG sanitizer make it possible to upload and render an SVG that runs malicious JavaScript. An extension of .png with content type of...

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. FreeScout versions 1.8.208 and earlier have security vulnerabilities; these vulnerabilities stem from the lack of content cleaning in email notification template...

FreeScout 访问控制错误漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. FreeScout versions 1.8.208 and earlier contained an access control vulnerability. This vulnerability stemmed from defects in access control mechanisms, allowing...