10 matches found

Vulnrichment
added 2026/04/21 5:6 p.m. | 0 views

CVE-2026-41190 FreeScout has assigned-only visibility bypass via save_draft that allows hidden conversation draft injection

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS is enabled, direct conversation view correctly blocks users who are neither the assignee nor the creator. The save_draft AJAX path is weaker. A direct POST can create a dra...

CVSS 7.1 | AI score 5.8 | EPSS 0.00032
Exploits: 0 | References: 3
EUVD
added 2026/04/21 5:6 p.m. | 1 views

EUVD-2026-24195

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS is enabled, direct conversation view correctly blocks users who are neither the assignee nor the creator. The save_draft AJAX path is weaker. A direct POST can create a dra...

CVSS 7.1 | AI score 5.8 | EPSS 0.00032
Exploits: 0 | References: 3
ATTACKERKB
added 2026/04/21 5:6 p.m. | 1 views

CVE-2026-41190

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS is enabled, direct conversation view correctly blocks users who are neither the assignee nor the creator. The save_draft AJAX path is weaker. A direct POST can create a dra...

CVSS 7.1 | AI score 5.8 | EPSS 0.00032
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2026/04/21 5:6 p.m. | 24 views

CVE-2026-41190 FreeScout has assigned-only visibility bypass via save_draft that allows hidden conversation draft injection

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS is enabled, direct conversation view correctly blocks users who are neither the assignee nor the creator. The save_draft AJAX path is weaker. A direct POST can create a dra...

CVSS 7.1 | EPSS 0.00032
Exploits: 0 | References: 3
CVE
added 2026/04/21 5:6 p.m. | 5 views

CVE-2026-41190

FreeScout (self-hosted help desk) is affected pre-1.8.215. When APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS is enabled, the UI correctly blocks users who are neither the assignee nor the creator in direct conversation view, but the save_draft AJAX path is weaker. A crafted direct POST can create a draft...

CVSS 7.1 | AI score 5.8 | EPSS 0.00032
Exploits: 0 | References: 3
Positive Technologies
added 2026/04/21 12:0 a.m. | 3 views

PT-2026-34039

Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.215. Description: The reply and draft flows trust encrypted attachment IDs supplied by the client. Any IDs included in the attachments all variable but omitted from retained lists are decrypted and passed to the...

CVSS 7.1 | AI score 5.8 | EPSS 0.00043
Exploits: 0 | References: 7
CNNVD
added 2026/04/21 12:0 a.m. | 2 views

FreeScout Security Vulnerability

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using the PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.215 contained security vulnerabilities. These vulnerabilities stemmed from a weak AJAX path for the save_draft function when th...

CVSS 7.1 | AI score 5.8 | EPSS 0.00032
Exploits: 0 | References: 1
VulnCheck KEV
added 2025/02/25 12:0 a.m. | 1 views

VulnCheck KEV: CVE-2023-34192

Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability that allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function...

CVSS 9 | AI score 6.1 | EPSS 0.90009
Exploits: 0 | References: 1
CNNVD
added 2023/07/06 12:0 a.m. | 1 views

Synacor Zimbra Collaboration Server Cross-Site Scripting Vulnerability

Synacor Zimbra Collaboration Server (ZCS) is a suite of email and collaboration solutions from Synacor, USA. The solution provides email, contacts, calendar, file sharing, social networking, and other features. A security vulnerability exists in Synacor Zimbra Collaboration Server version v.8.8.15,...

CVSS 9 | AI score 8.8 | EPSS 0.90009
Exploits: 0 | References: 4
Drupal
added 2011/04/27 12:0 a.m. | 11 views

SA-CONTRIB-2011-017 - Save Draft - Validation Bypass

The Save Draft module adds a "Save as draft" button to the node form, letting content creators easily save a post in unpublished draft form. The module adds validation to individual form actions, thereby bypassing any form-wide validation that is normally performed before saving content. This is ...

AI score 7.1
Exploits: 0 | References: 10