CVE-2025-48489

CVSS v2.0

4.9

Vector

AV:N/AC:H/Au:S/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions FreeScout versions prior to 1.8.180

Description The issue is related to Cross-Site Scripting (XSS) attacks due to insufficient data validation and sanitization during data reception. This allows attackers to execute malicious scripts on the application. The problem has been patched in version 1.8.180.

Recommendations For versions prior to 1.8.180, update to version 1.8.180 to resolve the issue. As a temporary workaround, consider implementing additional data validation and sanitization measures to minimize the risk of exploitation. Restrict access to sensitive areas of the application until the update is applied.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

BDU:2025-06965

CVE-2025-48489

GHSA-JQJF-F566-485J

Affected Products

Freescout

CVE-2025-48489

Weakness Enumeration

Related Identifiers

Affected Products

References · 6