Platform
php
Component
freescout-help-desk
Fixed version
1.8.216
CVE-2026-41191 affects FreeScout help desk software versions 1.0.0 through 1.8.214. This vulnerability allows users with limited mailbox permissions ('sig') to manipulate hidden settings related to chat functionality through direct POST requests, bypassing intended access controls. The vulnerability has been resolved in version 1.8.215, and users are strongly advised to upgrade.
The core impact of CVE-2026-41191 lies in the ability for a user with restricted permissions to alter critical mailbox settings. While the user interface only displays the signature field, a malicious actor can directly modify the chatstartnew setting via a POST request. This could lead to unintended chat behavior, potentially disrupting support workflows or enabling unauthorized communication channels. The blast radius is limited to the affected mailbox and its associated users, but the impact on support operations could be significant. This vulnerability highlights the importance of proper input validation and access control enforcement, even for seemingly innocuous settings.
CVE-2026-41191 was publicly disclosed on 2026-04-21. There are currently no known public proof-of-concept exploits available. The vulnerability's EPSS score is likely low to medium, given the requirement for specific mailbox permissions and the lack of widespread exploitation. It has not been added to the CISA KEV catalog at the time of writing.
Organizations utilizing FreeScout for help desk and shared mailbox management are at risk, particularly those running versions 1.0.0 through 1.8.214. Shared hosting environments where multiple users have access to FreeScout instances are also at increased risk, as the vulnerability could be exploited by a malicious user within the same hosting account.
• php: Examine FreeScout application logs for suspicious POST requests to MailboxesController::updateSave() with modified chatstartnew values.
grep 'chat_start_new' /path/to/freescout/logs/application.log
• generic web: Monitor access logs for requests to /api/v2/mailboxes/<mailboxid>/update with POST data containing chatstart_new (a standard access log records only the request line, not the POST body, so this grep matches only if request-body logging is enabled).
grep 'chat_start_new' /var/log/apache2/access.log
• generic web: Check the status codes returned for POST requests to the vulnerable endpoint; a 200 OK in response to such a request indicates the modification was accepted.
disclosure
Exploitation status
EPSS
0.03% (8th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-41191 is to upgrade FreeScout to version 1.8.215 or later, which includes the fix for this vulnerability. If an immediate upgrade is not feasible, consider implementing temporary restrictions on direct POST requests to the MailboxesController::updateSave() endpoint. While not a complete solution, this can reduce the attack surface. Review FreeScout's access control configuration to ensure users only have the necessary permissions. After upgrading, verify the chatstartnew setting for all mailboxes to ensure it has not been maliciously altered.
Upgrade FreeScout to version 1.8.215 or later to mitigate the vulnerability. This update fixes the issue by correctly filtering the allowed fields when updating mailbox settings, preventing users with limited permissions from modifying chat settings at the mailbox level.
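The pattern behind the fix described above, as an added PHP illustration that is not FreeScout's own code: the field names, the permission labels and the update flow are assumptions, and the point is that a server-side allow-list keyed on the caller's permission, not the form the UI shows, decides which POSTed fields are stored.

```php
<?php
// Added illustration, not FreeScout's own code. The field names, permission
// labels and update flow are assumptions modelled on the advisory: a user who
// may only edit the signature must not be able to change the chat setting.

/** Permission each mailbox setting requires (assumed mapping). */
const FIELD_PERMISSIONS = [
    'signature'      => 'sig',             // signature-only users may edit
    'chat_start_new' => 'manage_mailbox',  // hidden chat setting: admins only
    'name'           => 'manage_mailbox',
];

/**
 * Vulnerable pattern: every key in the request body is written to the
 * mailbox, so a 'sig'-only user who sends chat_start_new gets it stored.
 * The UI hiding the field is not a control; the server must enforce it.
 */
function applyUpdateVulnerable(array $mailbox, array $post): array
{
    foreach ($post as $field => $value) {
        $mailbox[$field] = $value;   // no allow-list, no permission check
    }
    return $mailbox;
}

/**
 * Hardened pattern: a field is applied only if the caller holds the
 * permission it requires; anything else is dropped and logged, which
 * also gives operations a signal that someone is probing the endpoint.
 */
function applyUpdateHardened(array $mailbox, array $post, array $userPerms): array
{
    foreach ($post as $field => $value) {
        $required = FIELD_PERMISSIONS[$field] ?? null;
        if ($required === null || !in_array($required, $userPerms, true)) {
            $why = $required === null ? 'unknown field' : "missing '$required'";
            error_log("rejected mailbox field '$field' ($why)");
            continue;
        }
        $mailbox[$field] = $value;
    }
    return $mailbox;
}

// Constructed request body: a signature-only user includes the hidden chat field.
$mailbox = ['name' => 'Support', 'signature' => 'Thanks', 'chat_start_new' => 0];
$post    = ['signature' => 'Regards, Sam', 'chat_start_new' => 1];

echo 'vulnerable chat_start_new: ', applyUpdateVulnerable($mailbox, $post)['chat_start_new'], PHP_EOL;
echo 'hardened   chat_start_new: ', applyUpdateHardened($mailbox, $post, ['sig'])['chat_start_new'], PHP_EOL;
```

The rejected-field log line doubles as a detection signal: any occurrence of it for a mailbox update is a request whose body contained a field the caller was not entitled to change.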
CVE-2026-41191 is a HIGH severity vulnerability in FreeScout versions 1.0.0 through 1.8.214 that allows users with limited permissions to modify hidden chat settings via direct POST requests.
You are affected if you are running FreeScout versions 1.0.0 through 1.8.214. Upgrade to version 1.8.215 or later to mitigate the risk.
Upgrade FreeScout to version 1.8.215 or later. As a temporary workaround, restrict direct POST requests to the vulnerable endpoint.
There are currently no known reports of active exploitation of CVE-2026-41191, but it is crucial to apply the patch promptly.
Refer to the FreeScout security advisory for detailed information and updates: [https://freescout.com/security/](https://freescout.com/security/)