CVE-2025-48875 – FreeScout Cross-Site Scripting (XSS) Vulnerability

May 30, 2025

CVE ID : CVE-2025-48875

Published : May 30, 2025, 7:15 a.m. | 2 hours, 21 minutes ago

Description : FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, the system’s incorrect validation of last_name and first_name during profile data updates allows for the injection of arbitrary JavaScript code, which will be executed in a flesh-message when the data is deleted, potentially leading to a Cross-Site Scripting (XSS) vulnerability. This issue has been patched in version 1.8.181.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4943 – LA-Studio Element Kit for Elementor Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-48880 – FreeScout Race Condition Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

My top 5 must-play PC games for the second half of 2025 — Will they live up to the hype?

A week of hell with my Windows 11 PC really makes me appreciate the simplicity of Google’s Chromebook laptops

Elden Ring Nightreign Night Aspect: How to beat Heolstor the Nightlord, the final boss

New Xbox games launching this week, from June 2 through June 8 — Zenless Zone Zero finally comes to Xbox

Student Record Android App using SQLite

Student Record Android App using SQLite

When Array uses less memory than Uint8Array (in V8)

Laravel 12 Starter Kits: Definite Guide Which to Choose

My top 5 must-play PC games for the second half of 2025 — Will they live up to the hype?

My top 5 must-play PC games for the second half of 2025 — Will they live up to the hype?

A week of hell with my Windows 11 PC really makes me appreciate the simplicity of Google’s Chromebook laptops

Elden Ring Nightreign Night Aspect: How to beat Heolstor the Nightlord, the final boss

CVE-2025-48875 – FreeScout Cross-Site Scripting (XSS) Vulnerability

New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora

DevSecOps Phase 4B: Manual Penetration Testing

I’ve relied on this electric screwdriver for years, and it just got a big upgrade (plus it’s on sale)

Palworld developers at Pocketpair showed off gliding six months prior to Nintendo’s original patent application

This portable laptop accessory helped me finally achieve my daily standing goals during the workday

Do Large Language Models Have an English Accent? Evaluating and Improving the Naturalness of Multilingual LLMs

Are web components worth it?

Distribution Release: TrueNAS 24.10.2 “SCALE”

APEER: A Novel Automatic Prompt Engineering Algorithm for Passage Relevance Ranking

Framer Motion Evolvesâ€”Say Hello to Motion

CVE-2025-48875 – FreeScout Cross-Site Scripting (XSS) Vulnerability

Related Posts