Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

freescout — Vulnerabilities & Security Advisories 66

All 66 CVE vulnerabilities found in freescout, with AI-generated Chinese analysis, references, and POCs.

Vendor: freescout-helpdesk

CVE IDTitleCVSSSeverityPublished
CVE-2026-32753 FreeScout: Stored XSS through SVG file upload with filter bypass CWE-80 6.1 -2026-03-19
CVE-2026-32752 FreeScout: Broken Access Control in ThreadPolicy — Any User Can Read/Edit All Customer Messages CWE-284--2026-03-19
CVE-2026-28289 FreeScout 1.8.206 Patch Bypass for CVE-2026-27636 via Zero-Width Space Character Leads to Remote Code Execution CWE-434 10.0 Critical2026-03-03
CVE-2026-27636 FreeScout: Missing .htaccess in Restricted File Extensions Allows Remote Code Execution on Apache CWE-434 8.8 High2026-02-25
CVE-2026-27637 FreeScout's Predictable Authentication Token Enables Account Takeover CWE-330 9.8 Critical2026-02-25
CVE-2025-58163 FreeScout's deserialization of untrusted data can lead to Remote Code Execution CWE-502 7.5AIHighAI2025-09-03
CVE-2025-54366 FreeScout's deserialization of untrusted data leads to Remote Code Execution CWE-502 8.8 -2025-07-26
CVE-2025-48488 FreeScout Vulnerable to Stored XSS CWE-79 5.4AIMediumAI2025-05-30
CVE-2025-48880 FreeScout has Race Condition When Deleting Users CWE-362 4.2AIMediumAI2025-05-30
CVE-2025-48875 FreeScout Vulnerable to Stored XSS CWE-79 5.4AIMediumAI2025-05-30
CVE-2025-48489 FreeScout Vulnerable to Stored XSS CWE-79 5.4AIMediumAI2025-05-30
CVE-2025-48487 FreeScout Vulnerable to Stored XSS CWE-79 5.4AIMediumAI2025-05-30
CVE-2025-48486 FreeScout Vulnerable to Stored XSS CWE-79 5.4AIMediumAI2025-05-30
CVE-2025-48485 FreeScout Vulnerable to Stored XSS CWE-79 5.4AIMediumAI2025-05-30
CVE-2025-48484 FreeScout Vulnerable to Stored XSS CWE-79 5.4AIMediumAI2025-05-30
CVE-2025-48483 FreeScout Stored XSS leads to CSRF CWE-79 6.1AIMediumAI2025-05-30
CVE-2025-48482 FreeScout Has Business Logic Errors CWE-841 4.3AIMediumAI2025-05-30
CVE-2025-48481 FreeScout Has Business Logic Errors CWE-841 8.2AIHighAI2025-05-30
CVE-2025-48480 FreeScout Has Business Logic Errors CWE-841 6.5AIMediumAI2025-05-30
CVE-2025-48479 FreeScout Has Business Logic Errors CWE-841 6.5AIMediumAI2025-05-30
CVE-2025-48478 FreeScout Has Business Logic Errors CWE-841 7.5AIHighAI2025-05-30
CVE-2025-48477 FreeScout Has Business Logic Errors CWE-841 4.3AIMediumAI2025-05-30
CVE-2025-48476 FreeScout Has Business Logic Errors CWE-841 8.8AIHighAI2025-05-30
CVE-2025-48475 FreeScout Vulnerable to Insufficient Authorization CWE-863 5.4AIMediumAI2025-05-29
CVE-2025-48474 FreeScout Vulnerable to Insufficient Authorization CWE-863 4.3AIMediumAI2025-05-29
CVE-2025-48473 FreeScout Vulnerable to Insufficient Authorization CWE-863 3.5AILowAI2025-05-29
CVE-2025-48472 FreeScout Vulnerable to Insufficient Authorization CWE-863 7.1AIHighAI2025-05-29
CVE-2025-48471 FreeScout Vulnerable to Arbitrary File Upload CWE-434 8.8AIHighAI2025-05-29
CVE-2025-48390 FreeScout Vulnerable to Remote Code Execution (RCE) CWE-94 7.2AIHighAI2025-05-29
CVE-2025-48389 FreeScout Vulnerable to Deserialization of Untrusted Data CWE-502 8.8AIHighAI2025-05-29

All 66 known CVE vulnerabilities affecting freescout with full Chinese analysis, references, and POCs where available.