Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2025/05/27 12:0 a.m.5 views

PT-2025-64: Stored Cross-site scripting in FreeScout

The vulnerability was identified in FreeScout , versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to store malicious HTML/JavaScript scripts that is later executed in other users’ browsers due to insufficient input validation and sanitization. Vulnerability status:...

5.4CVSS5.8AI score0.00214EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.10 views

PT-2025-53: Business Logic Errors in FreeScout

The vulnerability was identified in FreeScout, versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to gain access to a functional capability without completing the required sequence of actions, bypassing the intended business workflow. Vulnerability status: Confirmed b...

8.5CVSS5.8AI score0.0027EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.9 views

PT-2025-45: Arbitrary file upload in FreeScout

The vulnerability was identified in FreeScout, versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to upload arbitrary including executable files containing malicious code because the application does not perform sufficient validation of uploaded files. Vulnerability...

9.8CVSS6AI score0.00958EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.11 views

PT-2025-59: Stored Cross-site scripting in FreeScout

The vulnerability was identified in FreeScout , versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to store malicious HTML/JavaScript scripts that is later executed in other users’ browsers due to insufficient input validation and sanitization. Vulnerability status:...

6.1CVSS5.8AI score0.00215EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.8 views

PT-2025-50: Business Logic Errors in FreeScout

The vulnerability was identified in FreeScout , versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to gain access to a functional capability without completing the required sequence of actions, bypassing the intended business workflow. Vulnerability status: Confirmed ...

8.8CVSS5.8AI score0.00448EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.11 views

PT-2025-60: Stored Cross-site scripting in FreeScout

The vulnerability was identified in FreeScout , versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to store malicious HTML/JavaScript scripts that is later executed in other users’ browsers due to insufficient input validation and sanitization. Vulnerability status:...

6.1CVSS5.8AI score0.00216EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/16 12:0 a.m.10 views

PT-2025-43: Deserialization of untrusted data in FreeScout

The vulnerability was identified in FreeScout, versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to execute arbitrary code on the server because the application performs insufficient validation of user‑supplied data during deserialization. Vulnerability status:...

8.6CVSS6.3AI score0.00787EPSS
Exploits1References1
Rows per page
Query Builder