Lucene search
K

4 matches found

nvd
nvd
added 2025/05/30 7:15 a.m.11 views

CVE-2025-48486

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the cross-site scripiting XSS vulnerability is caused by the lack of input validation and sanitization in both \Session::flash and , allowing user input to be executed without proper filtering. This issue has...

6.1CVSS0.00216EPSS
Exploits1References1
osv
osv
added 2025/05/30 6:30 a.m.6 views

CVE-2025-48488 FreeScout Vulnerable to Stored XSS

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, deleting the file .htaccess allows an attacker to upload an HTML file containing malicious JavaScript code to the server, which can result in a Cross-Site Scripting XSS vulnerability. This issue has been patch...

4.6CVSS6AI score0.00216EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2025/05/30 6:30 a.m.6 views

CVE-2025-48488 FreeScout Vulnerable to Stored XSS

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, deleting the file .htaccess allows an attacker to upload an HTML file containing malicious JavaScript code to the server, which can result in a Cross-Site Scripting XSS vulnerability. This issue has been patch...

4.6CVSS5.9AI score0.00216EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2025/05/30 6:17 a.m.6 views

CVE-2025-48486 FreeScout Vulnerable to Stored XSS

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the cross-site scripiting XSS vulnerability is caused by the lack of input validation and sanitization in both \Session::flash and , allowing user input to be executed without proper filtering. This issue has...

6.1CVSS6AI score0.00216EPSS
Exploits1References1
Rows per page
Query Builder