CVE-2024-34698
- EPSS 0.81%
- Veröffentlicht 14.05.2024 15:39:27
- Zuletzt bearbeitet 10.01.2025 15:11:33
FreeScout is a free, self-hosted help desk and shared mailbox. Versions of FreeScout prior to 1.8.139 contain a Prototype Pollution vulnerability in the `/public/js/main.js` source file. The Prototype Pollution arises because the `getQueryParam` Func...
CVE-2024-34697
- EPSS 0.5%
- Veröffentlicht 14.05.2024 15:39:27
- Zuletzt bearbeitet 10.01.2025 15:13:34
FreeScout is a free, self-hosted help desk and shared mailbox. A stored HTML Injection vulnerability has been identified in the Email Receival Module of the Freescout Application. The vulnerability allows attackers to inject malicious HTML content in...
- EPSS 0.49%
- Veröffentlicht 22.03.2024 17:15:08
- Zuletzt bearbeitet 10.01.2025 15:03:50
FreeScout is a self-hosted help desk and shared mailbox. Versions prior to 1.8.128 are vulnerable to OS Command Injection in the /public/tools.php source file. The value of the php_path parameter is being executed as an OS command by the shell_exec f...
- EPSS 0.33%
- Veröffentlicht 22.03.2024 17:15:08
- Zuletzt bearbeitet 10.01.2025 15:06:59
FreeScout is a self-hosted help desk and shared mailbox. A Stored Cross-Site Scripting (XSS) vulnerability has been identified within the Signature Input Field of the FreeScout Application prior to version 1.8.128. Stored XSS occurs when user input i...
CVE-2024-28186
- EPSS 0.24%
- Veröffentlicht 12.03.2024 20:15:08
- Zuletzt bearbeitet 10.01.2025 15:01:40
FreeScout is an open source help desk and shared inbox built with PHP. A vulnerability has been identified in the Free Scout Application, which exposes SMTP server credentials used by an organization in the application to users of the application. T...
CVE-2024-1932
- EPSS 0.1%
- Veröffentlicht 28.02.2024 00:15:54
- Zuletzt bearbeitet 10.01.2025 14:55:25
Unrestricted Upload of File with Dangerous Type in freescout-helpdesk/freescout