5 matches found
CVE-2026-41191
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, MailboxesController::updateSave persists chatstartnew outside the allowed-field filter. A user with only the mailbox sig permission sees only the signature field in the UI, but can still change the hidden...
CVE-2026-41191
FreeScout vulnerability detail: before 1.8.215, MailboxesController::updateSave() persists chat_start_new outside the allowed-field filter. A user with only the mailbox sig permission can alter the hidden mailbox-wide chat setting via direct POST, despite UI restricting to the signature field. Ve...
CVE-2026-41191
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, MailboxesController::updateSave persists chatstartnew outside the allowed-field filter. A user with only the mailbox sig permission sees only the signature field in the UI, but can still change the hidden...
CVE-2026-4108
CVE-2026-4108 affects Zohocorp ManageEngine Exchange Reporter Plus pre-5802. The issue is a stored XSS vulnerability within the Non-Owner Mailbox Permission report, allowing an attacker to inject script when a report is generated or viewed that processes user-supplied input. Based on the availabl...
Oracle Linux 4 : shadow-utils (ELSA-2007-0276)
From Red Hat Security Advisory 2007:0276 : Updated shadow-utils packages that fix a security issue and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The shadow-utils package includes the necessary programs for...