Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

freescout — Vulnerabilities & Security Advisories 66

All 66 CVE vulnerabilities found in freescout, with AI-generated Chinese analysis, references, and POCs.

Vendor: freescout-helpdesk

CVE IDTitleCVSSSeverityPublished
CVE-2026-41906 FreeScout: Conversation Change-Customer Cross-Mailbox Authorization Bypass CWE-639 7.1 High2026-05-07
CVE-2026-41905 FreeScout vulnerable to SSRF via Helper::sanitizeRemoteUrl: redirect destination not re-validated, allowing internal HTTP / cloud-metadata access CWE-918 7.7 High2026-05-07
CVE-2026-41904 FreeScout Stored XSS vulnerability in mailbox auto-reply: payload reaches every customer's email client (no CSP), bypassing strip_tags validator with mixed text+HTML content CWE-79 7.6 High2026-05-07
CVE-2026-41902 FreeScout's user invitation hash never expires: permanent unauthenticated account takeover if invite link leaks CWE-613 9.1 Critical2026-05-07
CVE-2026-41903 FreeScout IDOR Vulnerability: PERM_EDIT_USERS allows modifying any user's notification subscriptions (incomplete fix of CVE-2025-48472) CWE-863 5.4 Medium2026-05-07
CVE-2026-41194 FreeScout's Mailbox OAuth disconnect uses a state-changing GET and is CSRFable CWE-352 5.4 Medium2026-04-21
CVE-2026-41193 FreeScout has Zip Slip path traversal in module installation that allows arbitrary file write leading to RCE CWE-22 9.1 Critical2026-04-21
CVE-2026-41192 FreeScout's client-controlled attachment IDs allow deletion of existing conversation attachments CWE-862 7.1 High2026-04-21
CVE-2026-41191 FreeScout's signature only mailbox permission allows unauthorized mailbox chat setting changes CWE-863 7.1 High2026-04-21
CVE-2026-41190 FreeScout has assigned-only visibility bypass via save_draft that allows hidden conversation draft injection CWE-863 7.1 High2026-04-21
CVE-2026-41189 FreeScout has assigned-only visibility bypass that allows editing hidden customer-authored threads CWE-863 7.1 High2026-04-21
CVE-2026-41183 FreeScout allows non-folder conversation queries to disclose assigned-only hidden conversations CWE-200 4.3 Medium2026-04-21
CVE-2026-40592 FreeScout's cross-user undo reply allows mailbox peers to recall another agent's outbound reply CWE-862 5.9 Medium2026-04-21
CVE-2026-40591 FreeScout: Improper Authorization in Phone Conversation Creation Enables Cross-Mailbox Hidden Customer Modification CWE-639 7.1 High2026-04-21
CVE-2026-40590 FreeScout's Customer AJAX Create Modifies Hidden Existing Customer CWE-639 4.3 Medium2026-04-21
CVE-2026-40589 FreeScout has Customer Edit Cross-Mailbox Email Takeover CWE-639 7.6 High2026-04-21
CVE-2026-40570 FreeScout's Missing Authorization in load_customer_info Allows Any Authenticated User to Access Full Customer PII CWE-639 4.3AIMediumAI2026-04-21
CVE-2026-40569 FreeScout's Mass Assignment in Mailbox Connection Settings Enables Silent Email Exfiltration CWE-284 9.0 Critical2026-04-21
CVE-2026-40568 FreeScout Vulnerable to XSS via Mailbox Signature Due to Incomplete HTML Sanitization CWE-79 8.5 High2026-04-21
CVE-2026-40567 FreeScout has HTML Injection in Outgoing Emails via Unsanitized Customer Name in Signature Variables CWE-116 5.8 Medium2026-04-21
CVE-2026-40566 FreeScout vulnerable to SSRF via IMAP/SMTP Connection Test Endpoints CWE-918 4.1 Medium2026-04-21
CVE-2026-40565 FreeScout has Stored XSS / CSS Injection via linkify() — Unescaped URL in Anchor href CWE-79 6.1 Medium2026-04-21
CVE-2026-40498 FreeScout has Authentication Bypass and Information Disclosure in SystemController via /system/cron CWE-200 9.1AICriticalAI2026-04-21
CVE-2026-40497 FreeScout Vulnerable to CSS Injection via Stored Style Tag in Mailbox Signature (CSRF Token Exfiltration) CWE-79 8.1 High2026-04-21
CVE-2026-40496 FreeScout has Predictable Attachment Token that Allows Unauthenticated Private File Download via Brute Force CWE-330 8.2AIHighAI2026-04-21
CVE-2026-35584 FreeScout has an Unauthenticated IDOR in Open Tracking Endpoint Allows Cross-Conversation Thread Manipulation and Enumeration CWE-306 8.2AIHighAI2026-04-07
CVE-2026-39384 FreeScout Customer Merge Cross-Mailbox Authorization Bypass CWE-639 7.6 High2026-04-07
CVE-2026-34442 FreeScout: Host Header Injection Leading to External Resource Loading and Open Redirect in FreeScout CWE-20 5.4 Medium2026-03-31
CVE-2026-34443 FreeScout: SSRF protection bypass via broken CIDR check in checkIpByMask() CWE-918 7.5 -2026-03-31
CVE-2026-32754 FreeScout: Stored XSS via Unescaped Email Template Rendering ({!! $thread->body !!}) CWE-79 9.3 Critical2026-03-19

All 66 known CVE vulnerabilities affecting freescout with full Chinese analysis, references, and POCs where available.