FreeScout Insufficient Authorization Vulnerability Allowing Unauthorized Mailbox Access

Vulnerability

A vulnerability in FreeScout prior to version 1.8.179 allows users to manipulate notification settings for mailboxes, potentially gaining unauthorized access. The application does not properly verify the user's permissions for the mailbox when disabling or enabling notifications, so an attacker can reach information or functionality beyond their granted privileges. This issue has been addressed in version 1.8.179.

Impact

Exploitation of this vulnerability could lead to unauthorized access to mailboxes and their associated information or functionality.

Reproduction

To reproduce this vulnerability, send a POST request to the '/mailbox/ajax' endpoint with the 'action' parameter set to 'mute', the 'mailbox_id' parameter set to the target mailbox, and the 'mute' parameter set to '1'. If the user does not have access to the specified mailbox, the request is still processed and grants access, allowing the user to manipulate that mailbox's settings.
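
For operators who want to check their own request logs for this pattern before or after patching, the following Python is an added example and not FreeScout's code; the log line format, the user-to-mailbox assignment map and the helper names are constructed assumptions.

```python
import re
from urllib.parse import parse_qs

# Constructed sample of request records in a made-up format (not a FreeScout log format):
#   <timestamp> user=<id> <method> <path> body=<urlencoded form body>
SAMPLE_LOG = """\
2025-06-09T19:46:01Z user=7 POST /mailbox/ajax body=action=mute&mailbox_id=3&mute=1
2025-06-09T19:46:05Z user=4 POST /mailbox/ajax body=action=mute&mailbox_id=3&mute=1
2025-06-09T19:46:09Z user=4 POST /conversation/ajax body=action=star&conversation_id=9
2025-06-09T19:46:12Z user=9 POST /mailbox/ajax body=action=mute&mailbox_id=5&mute=0
"""

# Constructed assignment map: user id -> set of mailbox ids that user is allowed to use.
MAILBOX_ACCESS = {7: {3}, 4: {1, 2}, 9: {5}}

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\d+) (?P<method>[A-Z]+) (?P<path>\S+) body=(?P<body>.*)$"
)

def parse_line(line):
    """Parse one record into a dict; return None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["user"] = int(rec["user"])
    # Keep the first value of each form field, as the server would read it.
    rec["params"] = {k: v[0] for k, v in parse_qs(rec["body"]).items()}
    return rec

def is_unauthorized_mute(rec, access):
    """True when a mute request targets a mailbox the user is not assigned to."""
    # Both mute=1 and mute=0 are checked: the advisory covers disabling and enabling.
    if rec["method"] != "POST" or rec["path"] != "/mailbox/ajax":
        return False
    if rec["params"].get("action") != "mute":
        return False
    mailbox_id = rec["params"].get("mailbox_id", "")
    if not mailbox_id.isdigit():
        return True  # malformed or missing id on a privileged action: worth a look
    return int(mailbox_id) not in access.get(rec["user"], set())

def find_unauthorized_mutes(log_text, access):
    """Return (timestamp, user id, mailbox_id) for every suspicious request."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is not None and is_unauthorized_mute(rec, access):
            hits.append((rec["ts"], rec["user"], rec["params"].get("mailbox_id", "")))
    return hits
```

Feed it the same fields from whatever request logging you actually have; the assignment map would normally come from the application's mailbox-user table.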

Remediation

Users are advised to update to FreeScout version 1.8.179 or later.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 2.2
impact: 1.3
exploitability: 9.7
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.