CVE-2025-48478— FreeScout 安全漏洞

FreeScout Has Business Logic Errors

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, insufficient input validation during user creation has resulted in a mass assignment vulnerability, allowing an attacker to manipulate all fields of the object, which are enumerated in the $fillable array (the User object), when creating a new user. This issue has been patched in version 1.8.180.

N/A

行为工作流的不恰当实施

FreeScout 安全漏洞

FreeScout是FreeScout公司的一个使用 PHP（Laravel 框架）构建的超轻量级且功能强大的免费开源帮助台和共享收件箱。 FreeScout 1.8.180之前版本存在安全漏洞，该漏洞源于用户创建时输入验证不足，可能导致批量分配漏洞。

N/A

N/A