Description

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, there is no check to ensure that the user is disabling notifications for the mailbox to which they already have access. Moreover, the code explicitly implements functionality that if the user does not have access to the mailbox, then after disabling (enabling) notifications for this mailbox, the user will gain access to it. This issue has been patched in version 1.8.179.

INFO

Published Date :

2025-05-29T15:18:58.406Z

Last Modified :

2025-05-29T15:36:15.931Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-48472 vulnerability.

Vendors Products
Freescout
  • Freescout
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-48472.

URL Resource
https://github.com/freescout-help-desk/freescout/commit/01c91d2086ddd56778698e557138a178b2f59916 cve-icon cve-icon
https://github.com/freescout-help-desk/freescout/security/advisories/GHSA-f62r-8354-8pqg cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact