CVE-2026-40497 | freescout-help-desk freescout up to 1.8.212 Mailbox Signature Field /mailbox/settings/ stripDangerousTags cross site scripting (GHSA-fh99-wr77-pxq3)

A vulnerability was found in freescout-help-desk freescout up to 1.8.212. It has been classified as problematic. This vulnerability affects the function Helper::stripDangerousTags of the file /mailbox/settings/ of the component Mailbox Signature Field Handler. This manipulation causes cross site scripting.

This vulnerability is registered as CVE-2026-40497. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More