CVE-2025-48487 – FreeScout Flash Message Cross-Site Scripting (XSS) Vulnerability

May 30, 2025

CVE ID : CVE-2025-48487

Published : May 30, 2025, 7:15 a.m. | 2 hours, 21 minutes ago

Description : FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, when creating a translation of a phrase that appears in a flash-message after a completed action, it is possible to inject a payload to exploit XSS vulnerability. This issue has been patched in version 1.8.180.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48492 – GetSimple CMS Remote Code Execution (RCE) Vulnerability

Next Article CVE-2025-48865 – Fabio HTTP Hop-by-Hop Header Manipulation Vulnerability

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

I took a walk with Meta’s new Oakley smart glasses – they beat my Ray-Bans in every way

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Top 7 Computer Performance Test Tools Online (Free & Fast)

Top 7 Computer Performance Test Tools Online (Free & Fast)

10 Best Windows 11 Encryption Software

Google Chrome Is Testing Dynamic Country Detection for Region-Specific Features

CVE-2025-48487 – FreeScout Flash Message Cross-Site Scripting (XSS) Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CVE-2025-25207 – Red Hat Connectivity Link Authorino Denial of Service

The best malware removal software of 2025: Expert tested and reviewed

CVE-2025-36546 – F5OS SSH Key-Based Authentication Privilege Escalation

OpenBubbles is a cross-platform app ecosystem

Analyzing the Effect of Linguistic Similarity on Cross-Lingual Transfer: Tasks and Input Representations Matter

Step by Step Guide on Converting Text to High-Quality Audio Using an Open Source TTS Model on Hugging Face: Including Detailed Audio File Analysis and Diagnostic Tools in Python

Dell’s XPS replacements are here, but only with Intel for now — and they’re not Copilot+ PCs, either

CVE-2025-5910 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow Vulnerability

CVE-2025-48487 – FreeScout Flash Message Cross-Site Scripting (XSS) Vulnerability

Related Posts