CVE-2026-41905 | freescout-help-desk freescout up to 1.8.216 HTTP Service app/Misc/Helper.php sanitizeRemoteUrl server-side request forgery

A vulnerability classified as critical has been found in freescout-help-desk freescout up to 1.8.216. Impacted is the function Helper::sanitizeRemoteUrl of the file app/Misc/Helper.php of the component HTTP Service. This manipulation causes server-side request forgery.

This vulnerability is tracked as CVE-2026-41905. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More