CVE-2026-40497 - FreeScout Vulnerable to CSS Injection via Stored Style Tag in Mailbox Signature (CSRF Token Exfiltration)

byMaloy Roy Orko -April 20, 2026

CVE ID :CVE-2026-40497
Published : April 21, 2026, 3:16 a.m. | 1 hour, 6 minutes ago
Description :FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's `Helper::stripDangerousTags()` removes `

Tags Latest Vulnerabilities IFTTT

CVE-2026-40497 - FreeScout Vulnerable to CSS Injection via Stored Style Tag in Mailbox Signature (CSRF Token Exfiltration)

Post a Comment

Swiftbuy V 1.0 | /login.php - No Limit To Authentication Attempts To Admin Login

Categories

Main Tags

Contact Form

Latest Posts

Popular Posts

Swiftbuy V 1.0 | /login.php - No Limit To Authentication Attempts To Admin Login

CVE-2025-0842 | Library-Card-System | SQL Injection Admin Login Bypass In admin.php | Found By Maloy Roy Orko

Script And Tools | Real Estate Management System 1.0 | SQL Injection Admin Bypass In /admin/

Contact Form