top of page
perceptive_background_267k.jpg

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's `Helper::stripDangerousTags()` removes `<script>`, `<form>`,…

Published:

20 April 2026 at 22:00:00

Alert date:

21 April 2026 at 17:05:49

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

FreeScout help desk software versions prior to 1.8.213 contain a CSS injection vulnerability in the mailbox signature field. The Helper::stripDangerousTags() function fails to remove <style> tags, allowing attackers with mailbox access to inject malicious CSS. The vulnerability enables CSS attribute selectors to exfiltrate CSRF tokens from admin/agent users viewing conversations. Stolen CSRF tokens can be used for privilege escalation attacks, allowing agents to perform admin actions like creating accounts or changing passwords. This represents an incomplete fix for a previous XSS vulnerability (GHSA-jqjf-f566-485j). The issue is resolved in version 1.8.213.

Technical details

Mitigation steps:

Affected products:

FreeScout

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-40497
https://github.com/freescout-help-desk/freescout/commit/5aa8d633216f65995e80a7d4a921b784acc94df4
https://github.com/freescout-help-desk/freescout/releases/tag/1.8.213
https://github.com/freescout-help-desk/freescout/security/advisories/GHSA-fh99-wr77-pxq3

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page