Freescout · Freescout · CVE-2026-34442
Name of the Vulnerable Software and Affected Versions
FreeScout versions prior to 1.8.211
Description
FreeScout, a help desk and shared inbox built with PHP's Laravel framework, is susceptible to host header manipulation. Specifically, in versions prior to 1.8.211, manipulating the Host header in requests to the /system/status endpoint allows an attacker to inject an arbitrary domain into generated absolute URLs. This can lead to External Resource Loading and Open Redirect behavior, potentially redirecting users to attacker-controlled domains and loading resources from malicious servers.
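The pattern behind this class of bug, as an added example in plain PHP (not FreeScout's code or its patch): a URL builder that trusts the Host header, beside one that takes the origin from configuration, plus an allowlist check on the header. APP_URL, TRUSTED_HOSTS, the function names, the asset path and the sample hosts are assumptions constructed for illustration.

```php
<?php
// Added illustration; not FreeScout code. All names below are hypothetical.

const APP_URL = 'https://helpdesk.example.com';   // assumed configured base URL
const TRUSTED_HOSTS = ['helpdesk.example.com'];   // assumed allowlist

// Vulnerable pattern: the absolute URL inherits whatever Host the client sent.
function url_from_request(array $server, string $path): string
{
    $scheme = (($server['HTTPS'] ?? 'off') !== 'off') ? 'https' : 'http';
    return $scheme . '://' . ($server['HTTP_HOST'] ?? 'localhost') . '/' . ltrim($path, '/');
}

// Hardened pattern: the origin comes from configuration, never from the request.
function url_from_config(string $path): string
{
    return rtrim(APP_URL, '/') . '/' . ltrim($path, '/');
}

// Defence in depth: reject requests whose Host is not on the allowlist.
function is_trusted_host(?string $hostHeader): bool
{
    if ($hostHeader === null || $hostHeader === '') {
        return false;
    }
    // Drop an optional :port, then compare case-insensitively, exact match only.
    $host = strtolower(preg_replace('/:\d+$/', '', trim($hostHeader)));
    return in_array($host, TRUSTED_HOSTS, true);
}

// Constructed sample requests (values of $_SERVER that matter here).
$samples = [
    ['HTTP_HOST' => 'helpdesk.example.com', 'HTTPS' => 'on'],
    ['HTTP_HOST' => 'HelpDesk.Example.com:443', 'HTTPS' => 'on'],
    ['HTTP_HOST' => 'untrusted.example.net', 'HTTPS' => 'on'],
    ['HTTP_HOST' => 'helpdesk.example.com.untrusted.example.net', 'HTTPS' => 'on'],
];

foreach ($samples as $server) {
    printf(
        "%-45s trusted=%-3s request-derived=%s config-derived=%s\n",
        $server['HTTP_HOST'],
        is_trusted_host($server['HTTP_HOST']) ? 'yes' : 'no',
        url_from_request($server, '/css/app.css'),
        url_from_config('/css/app.css')
    );
}
```

The last sample shows why the comparison is an exact match: a suffix or substring test would accept a host that merely contains the trusted name.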
Recommendations
Update to version 1.8.211 or later.