漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
FreeScout Has Business Logic Errors
Vulnerability Description
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, there is a mass assignment vulnerability. The Customer object is updated using the fill() method, which processes fields such as channel and channel_id. However, the fill() method is called with all client-provided data, including unexpected values for channel and channel_id, leading to a mass assignment vulnerability. This issue has been patched in version 1.8.180.
CVSS Information
N/A
Vulnerability Type
行为工作流的不恰当实施
Vulnerability Title
FreeScout 安全漏洞
Vulnerability Description
FreeScout是FreeScout公司的一个使用 PHP(Laravel 框架)构建的超轻量级且功能强大的免费开源帮助台和共享收件箱。 FreeScout 1.8.180之前版本存在安全漏洞,该漏洞源于Customer对象更新时fill方法处理不当,可能导致批量分配漏洞。
CVSS Information
N/A
Vulnerability Type
N/A