This is a summary of the AI-generated 10-question deep analysis.
Q1 What is this vulnerability? (Essence + Consequences)
**Essence**: FreeScout before 1.8.213 is vulnerable to **mass assignment** in the mailbox email connection settings.…
**CWE-284** (Improper Access Control); the underlying pattern is classic mass assignment (CWE-915). **Flaw**: `connectionIncomingSave` and `connectionOutgoingSave` pass `$request->all()` straight into `$mailbox->fill()`, so every key in the request body that appears in the Mailbox model's `$fillable` list is written, not only the fields the submitted form is meant to edit. Eloquent's `$fillable` allow-list only drops non-fillable columns; it does not scope a request to the columns a particular form should touch.…
**Vendor**: FreeScout (Laravel PHP help desk). **Affected**: versions **before 1.8.213**. **Safe**: 1.8.213 and later. **Published**: 2026-04-21.
Q4 What can attackers do? (Privileges/Data)
**Privileges**: requires an **authenticated admin** account, since the connection-settings forms are admin functionality. **Impact**: can set **any fillable field** of the Mailbox model through either form, including fields that form does not expose. **Specifics**: inject BCC addresses so copies of mail are delivered to an address the attacker chooses, or hijack the outgoing SMTP connection by repointing it at another server.
Q5 Is the exploitation threshold high? (Auth/Config)
**Threshold**: **high** for authentication, **low** for execution. **PR:H**: high privileges (admin) required, so the realistic threat is a rogue or compromised admin account. **AC:L**: low attack complexity. **UI:N**: no user interaction needed once logged in. **CVSS**: High (8.1+).
Q6 Is there a public exploit? (PoC/Wild Exploitation)
**Public exploit**: **no** public PoC or in-the-wild exploitation detected so far. **Status**: no PoC entries in the tracked data. **Reference**: the GHSA advisory confirms the vulnerability but shares no exploit code.
Q7 How to self-check? (Features/Scanning)
**Check**: inventory your FreeScout instances. **Verify**: compare the version shown in the footer or in the application config against 1.8.213; anything lower is affected. **Feature**: the vulnerable code sits behind the mailbox 'Connection Settings' (incoming/outgoing) forms, which only admins can reach.…
Q8 Is it fixed? (Patch/Version)
**Fixed**: yes, patched in **v1.8.213**. **Commit**: `f45b9105d43b0352c08fcca154e8ae6177c3d860`. **Action**: upgrade via the GitHub releases.
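The flaw described in Q1 and the shape of the fix in Q8, as an added illustration that is not FreeScout's code and not the project's actual diff. The stand-in `Mailbox` class mimics Eloquent's `fill()` semantics (copy every key that appears in `$fillable`, ignore the rest); the column names are assumptions modelled on mailbox settings, and the request body is constructed for the example.

```php
<?php
// Added example, not FreeScout's code. Stand-in for an Eloquent-style model:
// fill() writes every key present in $fillable, which is exactly why
// `$mailbox->fill($request->all())` becomes a mass-assignment bug.
final class Mailbox
{
    // Assumed column names; the real model's $fillable list is not reproduced here.
    private array $fillable = [
        'in_server', 'in_port', 'in_username', 'in_password', 'in_protocol', 'in_encryption',
        'out_server', 'out_port', 'out_username', 'out_password', 'out_method', 'out_encryption',
        'auto_bcc',
    ];

    public array $attributes;

    public function __construct(array $attributes)
    {
        $this->attributes = $attributes;
    }

    /** Eloquent-like fill(): silently copies any fillable key, drops the rest. */
    public function fill(array $input): self
    {
        foreach ($input as $key => $value) {
            if (in_array($key, $this->fillable, true)) {
                $this->attributes[$key] = $value;
            }
        }
        return $this;
    }
}

/** Vulnerable shape of connectionIncomingSave: the whole request body reaches fill(). */
function connectionIncomingSaveVulnerable(Mailbox $mailbox, array $requestAll): Mailbox
{
    return $mailbox->fill($requestAll);
}

/** Hardened shape: only the fields the incoming-connection form legitimately edits are copied. */
function connectionIncomingSaveHardened(Mailbox $mailbox, array $requestAll): Mailbox
{
    $allowed = ['in_server', 'in_port', 'in_username', 'in_password', 'in_protocol', 'in_encryption'];
    // array_intersect_key keeps only allow-listed keys, the same effect as
    // Laravel's $request->only($allowed) or the array returned by validated().
    return $mailbox->fill(array_intersect_key($requestAll, array_flip($allowed)));
}

// Constructed sample: an admin submits the *incoming* connection form but
// smuggles outgoing-mail and BCC fields into the same POST body.
$posted = [
    'in_server'  => 'imap.example.test',
    'in_port'    => '993',
    'out_server' => 'smtp.attacker.test',   // would hijack outgoing mail
    'auto_bcc'   => 'exfil@attacker.test',  // would copy every outgoing message
];

$before = ['out_server' => 'smtp.example.test', 'auto_bcc' => ''];

$vuln = connectionIncomingSaveVulnerable(new Mailbox($before), $posted);
$safe = connectionIncomingSaveHardened(new Mailbox($before), $posted);

printf("vulnerable: out_server=%s auto_bcc=%s\n", $vuln->attributes['out_server'], $vuln->attributes['auto_bcc']);
printf("hardened:   out_server=%s auto_bcc=%s\n", $safe->attributes['out_server'], $safe->attributes['auto_bcc']);
```

Running it shows the vulnerable handler overwriting `out_server` and `auto_bcc` from a request that was only supposed to edit incoming settings, while the hardened handler leaves both untouched. The point generalises to any Laravel controller: `$fillable` is a model-wide allow-list, so each endpoint still needs its own `only()`/`validated()` allow-list of the fields that form may write.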
Q9 What if no patch is available? (Workaround)
**Workaround**: if stuck on an older version, **restrict admin access** to as few trusted accounts as possible, since the bug is only reachable with admin privileges. **Mitigation**: add WAF rules on the `/connection/save` endpoints that reject any request parameter not in the form's expected field list; matching on "malicious payloads" is unreliable here because the smuggled fields are ordinary form parameters, so an allow-list of parameter names is the WAF rule that actually helps. Also review existing mailbox BCC and outgoing SMTP settings for values nobody configured.…