CVE-2025-48875 – FreeScout Cross-Site Scripting (XSS) Vulnerability

May 30, 2025

CVE ID : CVE-2025-48875

Published : May 30, 2025, 7:15 a.m. | 2 hours, 21 minutes ago

Description : FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, the system’s incorrect validation of last_name and first_name during profile data updates allows for the injection of arbitrary JavaScript code, which will be executed in a flesh-message when the data is deleted, potentially leading to a Cross-Site Scripting (XSS) vulnerability. This issue has been patched in version 1.8.181.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4943 – LA-Studio Element Kit for Elementor Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-48880 – FreeScout Race Condition Vulnerability

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Elon Musk teasing a Grok male companion inspired by “50 Shades of Grey” — beating Microsoft’s AI CEO at his own game

My favorite RTS castle builder from 2002 just got a brilliant remaster — and it’s only $16 on PC for a limited time

Razer Core X V2 vs. Razer Core X V1 — There’s only one eGPU you want in 2025

4 features on Windows 11 exclusive to Europe that Microsoft should make global

The details of TC39’s last meeting

The details of TC39’s last meeting

Conditional Collection Skipping with Laravel’s skipWhile Method

Deploying Laravel Applications on Laravel Cloud With MongoDB Atlas

Elon Musk teasing a Grok male companion inspired by “50 Shades of Grey” — beating Microsoft’s AI CEO at his own game

Elon Musk teasing a Grok male companion inspired by “50 Shades of Grey” — beating Microsoft’s AI CEO at his own game

My favorite RTS castle builder from 2002 just got a brilliant remaster — and it’s only $16 on PC for a limited time

Razer Core X V2 vs. Razer Core X V1 — There’s only one eGPU you want in 2025

CVE-2025-48875 – FreeScout Cross-Site Scripting (XSS) Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Schulrechner – calculator you know from school

LLMs factor in unrelated information when recommending medical treatments

CVE-2025-5267 – “Firefox Clickjacking Payment Card Disclosure Vulnerability”

CVE-2025-45011 – “PHPGurukul Park Ticketing Management System HTML Injection Vulnerability”

Building for Developers—Not Imitators

How to fix Xbox controller bumpers and buttons without cracking it open

Why Guidewire Programs Fail: The Missing Layer of Assurance Enterprises Must Know

Introducing Automated Risk Analysis in Relational Migrator

CVE-2025-48875 – FreeScout Cross-Site Scripting (XSS) Vulnerability

Related Posts