2 matches found
CVE-2025-48478 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, insufficient input validation during user creation has resulted in a mass assignment vulnerability, allowing an attacker to manipulate all fields of the object, which are enumerated in the $fillable array the...
CVE-2021-41325
Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. In addition, such users can be granted several admin permissions via the Roles parameter...