Description

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an email with a crafted From display name. The name is stored in the database without sanitization and rendered unescaped into outgoing reply emails via the `{%customer.fullName%}` signature variable. This allows embedding phishing links, tracking pixels, and spoofed content inside legitimate support emails sent from the organization's address. Version 1.8.213 fixes the issue.

Type de vulnérabilité

• CWE-116

Vecteur d'attaque

Complexité : LOW

Privilèges requis : NONE

Interaction utilisateur : NONE

Impact

• Confidentialité : NONE
• Intégrité : LOW
• Disponibilité : NONE

Recommandations

Appliquer les correctifs de sécurité fournis par le vendeur dès que possible.