CVE-2026-40497
Published: 21 April 2026
Summary
CVE-2026-40497 is a high-severity Cross-site Scripting (CWE-79) vulnerability in Freescout Freescout. Its CVSS base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Browser Session Hijacking (T1185); ranked at the 11.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Validate and sanitize input to the mailbox signature field so that `<style>` tags are rejected or removed, which the incomplete `stripDangerousTags` implementation failed to do.
- Filter output when rendering signatures unescaped in conversation views, so that injected CSS attribute selectors cannot execute and exfiltrate CSRF tokens.
- Remediate the flaw in FreeScout versions prior to 1.8.213 by applying the vendor patch, which updates `Helper::stripDangerousTags` to remove `<style>` tags as well.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
CSS injection enables exfiltration of CSRF tokens from viewing users' browsers, directly facilitating T1185 Browser Session Hijacking; stolen tokens then allow unauthorized state changes including account creation and credential modification, mapping to T1098 Account Manipulation.
NVD Description
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's `Helper::stripDangerousTags()` removes `<script>`, `<form>`, `<iframe>`, `<object>` but does NOT strip `<style>` tags. The mailbox signature field is saved via POST /mailbox/settings/{id} and later rendered unescaped via `{!! $conversation->getSignatureProcessed([], true) !!}` in conversation views. CSP allows `style-src * 'self' 'unsafe-inline'`, so injected inline styles execute freely. An attacker with access to mailbox settings (admin or agent with mailbox permission) can inject CSS attribute selectors to exfiltrate the CSRF token of any agent/admin who views a conversation in that mailbox. With the CSRF token, the attacker can perform any state-changing action as the victim (create admin accounts, change email/password, etc.) — privilege escalation from agent to admin. This is the result of an incomplete fix of GHSA-jqjf-f566-485j. That advisory reported XSS via mailbox signature. The fix applied `Helper::stripDangerousTags()` to the signature before saving. However, `stripDangerousTags()` only removes `script`, `form`, `iframe`, and `object` tags — it does NOT strip `<style>` tags, leaving CSS injection possible. Version 1.8.213 contains an updated fix.
Deeper analysis
CVE-2026-40497 is a CSS injection vulnerability in FreeScout, a free self-hosted help desk and shared mailbox application. In versions prior to 1.8.213, the `Helper::stripDangerousTags()` function removes dangerous HTML tags such as `<script>`, `<form>`, `<iframe>`, and `<object>`, but fails to strip `<style>` tags. This allows malicious CSS to be injected via the mailbox signature field, which is saved through POST /mailbox/settings/{id} and rendered unescaped using `{!! $conversation->getSignatureProcessed([], true) !!}` in conversation views. The Content Security Policy permits `style-src * 'self' 'unsafe-inline'`, enabling execution of injected inline styles. The issue stems from an incomplete fix for GHSA-jqjf-f566-485j, which addressed XSS in the same field but overlooked CSS injection. The vulnerability has a CVSS v3.1 score of 8.1 (AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N) and is associated with CWE-79 (Cross-site Scripting).
An attacker with access to mailbox settings—such as an admin or agent with mailbox permissions—can inject CSS attribute selectors into the signature. When another agent or admin views a conversation in that mailbox, the injected CSS exfiltrates their CSRF token. Armed with the victim's CSRF token, the attacker can perform any state-changing action on their behalf, including creating admin accounts, changing email addresses or passwords, and achieving privilege escalation from agent to admin.
Advisories and patches recommend updating to FreeScout version 1.8.213, which includes an updated fix via commit 5aa8d633216f65995e80a7d4a921b784acc94df4. Details are available in the GHSA advisory GHSA-fh99-wr77-pxq3 and the release notes.
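As an added illustration (not FreeScout's own code), the Python below models the incomplete tag denylist described above next to a hardened one that also removes `<style>`, audits a stored signature for what the incomplete fix would have let through, and checks whether a Content-Security-Policy's `style-src` still permits inline styles. The function names and the sample signature are constructed for this example.

```python
import re

# Tags the pre-1.8.213 helper removed, per the advisory; the hardened list
# adds the element the incomplete fix overlooked.
ORIGINAL_DENYLIST = ("script", "form", "iframe", "object")
HARDENED_DENYLIST = ORIGINAL_DENYLIST + ("style",)

def _tag_pattern(tags):
    names = "|".join(tags)
    # Alt 1: a whole element with its body; alt 2: a stray open/close/self-closing
    # tag. Case-insensitive and spanning newlines, so <STYLE ...> is caught too.
    return re.compile(
        rf"<\s*(?:{names})\b[^>]*>.*?<\s*/\s*(?:{names})\s*>"
        rf"|<\s*/?\s*(?:{names})\b[^>]*>",
        re.IGNORECASE | re.DOTALL,
    )

def strip_dangerous_tags(html, tags=HARDENED_DENYLIST):
    """Remove every denylisted element (and its body) from a signature."""
    return _tag_pattern(tags).sub("", html)

def audit_signature(html):
    """Hardened-list tag names that survive the ORIGINAL denylist, i.e. what
    the incomplete fix would have stored for unescaped rendering."""
    leftover = strip_dangerous_tags(html, ORIGINAL_DENYLIST)
    seen = {m.lower() for m in re.findall(r"<\s*/?\s*([a-z]+)", leftover, re.I)}
    return sorted(seen & set(HARDENED_DENYLIST))

def style_src_allows_inline(csp_header):
    """True when the Content-Security-Policy lets inline <style> bodies run
    (nonce/hash sources, which permit only specific blocks, are not modelled)."""
    directives = {}
    for directive in csp_header.split(";"):
        parts = directive.split()
        if parts:
            directives[parts[0].lower()] = parts[1:]
    sources = directives.get("style-src", directives.get("default-src"))
    if sources is None:
        return True  # no directive covers styles, so nothing restricts them
    return "'unsafe-inline'" in sources

# Constructed sample: an ordinary signature with a benign <style> block and a
# <script> block appended, to contrast the two denylists.
SAMPLE_SIGNATURE = ("<p>Regards,<br>Support Team</p>"
                    "<style>p { color: red; }</style>"
                    "<SCRIPT>console.log(1)</SCRIPT>")

if __name__ == "__main__":
    print(strip_dangerous_tags(SAMPLE_SIGNATURE, ORIGINAL_DENYLIST))  # keeps <style>
    print(strip_dangerous_tags(SAMPLE_SIGNATURE))  # removes both blocks
```

A tag denylist of this kind stays brittle against parser differences, so an allowlist HTML sanitizer for the signature field, combined with dropping `'unsafe-inline'` from `style-src`, is the stronger defence in depth.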
Details
- CWE(s)