PT-2026-38550 · Freescout · Freescout

Whatisproblem

Published: 2026-05-07 · Updated: 2026-05-08 · CVE-2026-41905

CVSS v3.1: 7.7 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.217
Description: The sanitizeRemoteUrl() function in app/Misc/Helper.php follows HTTP redirects via curlGetLastRedirectedUrl() but re-validates the original URL instead of the final destination. An attacker can therefore supply a URL that passes the initial host check and then redirects the application to internal HTTP services, such as cloud metadata endpoints, internal APIs, or RFC1918 ranges, that the check would otherwise block.
Recommendations: Update to version 1.8.217.
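The check-then-redirect ordering described above, as an added PHP example that is not FreeScout's code: a hypothetical hostIsAllowed() stands in for the host check, a constructed redirect map replaces curlGetLastRedirectedUrl(), and the vulnerable and fixed orderings are shown side by side.

```php
<?php
// Added example, not FreeScout's code. Models the flaw in CVE-2026-41905: the host
// check runs on the submitted URL while the fetch follows redirects, so the final
// destination is never validated.
// Constructed redirect map standing in for curlGetLastRedirectedUrl(): a public
// URL that redirects to the cloud metadata address.
const REDIRECTS = ['http://files.example.org/logo.png' => 'http://169.254.169.254/latest/meta-data/'];

function lastRedirectedUrl(string $url): string {
    for ($i = 0; $i < 5 && isset(REDIRECTS[$url]); $i++) { // at most five hops
        $url = REDIRECTS[$url];
    }
    return $url;
}

// Hypothetical host check: only public, non-reserved addresses are allowed.
// Hostnames resolve through a constructed map so the example runs offline.
function hostIsAllowed(string $url): bool {
    $host = parse_url($url, PHP_URL_HOST);
    if (!is_string($host)) {
        return false;
    }
    $dns = ['files.example.org' => '203.0.113.10']; // constructed DNS answer
    $ip = filter_var($host, FILTER_VALIDATE_IP) ? $host : ($dns[$host] ?? null);
    if ($ip === null) {
        return false; // unknown name: refuse rather than guess
    }
    // Rejects RFC1918, loopback and link-local (169.254.0.0/16) addresses.
    $flags = FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    return filter_var($ip, FILTER_VALIDATE_IP, $flags) !== false;
}

// Vulnerable order: validate the submitted URL, then return wherever it led.
function sanitizeRemoteUrlVulnerable(string $url): ?string {
    if (!hostIsAllowed($url)) {
        return null;
    }
    return lastRedirectedUrl($url); // final hop is never re-checked
}

// Fixed order: resolve the redirect chain first, then validate the final destination.
function sanitizeRemoteUrlFixed(string $url): ?string {
    if (!hostIsAllowed($url)) {
        return null;
    }
    $final = lastRedirectedUrl($url);
    return hostIsAllowed($final) ? $final : null;
}

$input = 'http://files.example.org/logo.png';
var_dump(sanitizeRemoteUrlVulnerable($input), sanitizeRemoteUrlFixed($input));
```

Validating every hop of the chain rather than only the last also covers an intermediate redirect target that is itself internal. A name that resolves differently on the fetch's own lookup (DNS rebinding) still requires the fetch to connect to the address that was validated.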

Exploit · Fix · SSRF


Weakness Enumeration

Related Identifiers: CVE-2026-41905

Affected Products: Freescout