### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Type**: Deserialization of Untrusted Data - **CVE ID**: CVE-2025-4800 - **CVSS v4.0 Base Metrics**: - **Severity**: High (3.6/10) - **Attack Vector**: Network - **Attack Complexity**: Low - **Privileges Required**: None - **User Interaction**: High - **Confidentiality Impact**: High - **Integrity Impact**: High - **Availability Impact**: Low #### Affected Versions - **Affected Versions**: first(); if ($Option === null || $Option->value !== $Serialized_value) { if ($Option === null) { $Option = new Option(); $Option->name = $Name; } $Option->value = $Serialized_value; $Option->save(); } } ``` #### Mitigation Measures - Update FreeScout to the latest version. - Implement input validation on both client and server sides. - Use parameterized queries to separate data from code. - Analyze application source code to identify, eliminate, and replace potentially dangerous or outdated methods.