CRITICAL🇵🇱 Wersja polska

CVE-2026-32754

CVSS 9.3v3.1pub. 2026-03-19upd. 2026-03-23

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Versions 1.8.208 and below are vulnerable to Stored Cross-Site Scripting (XSS) through FreeScout's email notification templates. Incoming email bodies are stored in the database without sanitization and rendered unescaped in outgoing email notifications using Blade's raw output syntax {!! $thread->body !!}. An unauthenticated attacker can exploit this vulnerability by simply sending an email, and when opened by any subscribed agent or admin as part of their normal workflow, enabling universal HTML injection (phishing, tracking) and, in vulnerable email clients, JavaScript execution (session hijacking, credential theft, account takeover) affecting all recipients simultaneously. This issue has been fixed in version 1.8.209.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
  • Freescout

    APP
    Freescout
    < 1.8.209
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSSAuth Bypass
CWE
References

Related vulnerabilities

CVE-2026-28289CRITICAL10.0PL ✓ten sam produkt

FreeScout: bypass zabezpieczeń uploadu pliku prowadzący do RCE

CVE-2026-27637CRITICAL9.8PL ✓ten sam produkt

FreeScout: przewidywalny token uwierzytelniający umożliwia przejęcie konta

CVE-2024-29185CRITICAL9.0PL ✓ten sam produkt

FreeScout: OS Command Injection umożliwiający przejęcie serwera

CVE-2026-40496HIGH8.8ten sam produkt

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, attachment download to...

CVE-2026-40497HIGH8.1ten sam produkt

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's `Helper::s...