CVE-2025-48487
Published
CVSS v3
4.8
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, when creating a translation of a phrase that appears in a flash-message after a completed action, it is possible to inject a payload to exploit XSS vulnerability. This issue has been patched in version 1.8.180.
FreeScout — Free self-hosted help desk & shared mailbox (Zendesk / Help Scout alternative)
GitHub