CVE-2025-48388
Published: 29 May 2025
Summary
CVE-2025-48388 is a high-severity CRLF Injection (CWE-93) vulnerability in Freescout Freescout. Its CVSS base score is 7.0 (High).
Operationally, ranked in the top 50.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-16376
Vulnerability details
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.178, the application performs insufficient validation of user-supplied data, which is used as arguments to string formatting functions. As a result, an attacker can pass a string…
more
containing special symbols (\r, \n, \t)to the application. This issue has been patched in version 1.8.178.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.