Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/06/01 5:35 a.m.11 views

CVE-2025-48481

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an attacker with an unactivated email invitation containing invitehash, can exploit this vulnerability to self-activate their account, despite it being blocked or deleted, by leveraging the invitation link fro...

9.8CVSS7AI score0.00452EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/30 4:35 a.m.11 views

CVE-2025-48481 FreeScout Has Business Logic Errors

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an attacker with an unactivated email invitation containing invitehash, can exploit this vulnerability to self-activate their account, despite it being blocked or deleted, by leveraging the invitation link fro...

6.1CVSS6.7AI score0.00452EPSS
Exploits1References1
CVE
CVE
added 2025/05/30 4:35 a.m.60 views

CVE-2025-48481

Affected software: FreeScout (PHP/Laravel). Vulnerability: Business logic bypass allowing an attacker with an unactivated email invitation containing an invite_hash to self-activate a blocked or deleted account by using the invitation link, gaining initial access. Root cause / details: Described ...

9.8CVSS6.7AI score0.00452EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.8 views

PT-2025-23247 · Freescout · Freescout

Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.180 Description: The issue allows an attacker with an unactivated email invitation containing the invite hash to self-activate their account, even if it is blocked or deleted. This is achieved by leveraging the...

9.8CVSS6.5AI score0.00452EPSS
Exploits1References8
Rows per page
Query Builder