Vulnerability vector:
- Base vulnerability score (CVSSv4.0): CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
- Severity (CVSSv4.0): 6.1 (Medium)
Description:
The vulnerability was identified in FreeScout , versions 1.8.182.
The discovered vulnerability allows an attacker to send HTTP requests to external and internal resources, causing data leakage and denial‑of‑service.
Vulnerability status: Confirmed by vendor
Date of vulnerability remediation: 08.08.2025
Recommendations:
- Update to version FreeScout OAuth & Social Login Module v1.0.22 or higher
Additional information: Security advisory, Press release
Researcher: Daniil Satyaev, Roman Cheremnykh, Artem Danilov (Positive Technologies)