FreeScout
cpe:2.3:a:freescout:freescout:*:*:*:*:*:*:*
- < 1.8.180
The Laravel Translation Manager package used by FreeScout prior to version 1.8.180 does not properly validate user input. This flaw enables authorized users with administrator rights to delete any directory by exploiting the translation management feature. The issue arises from the application's failure to enforce a proper sequence of actions, which allows users to bypass necessary steps and reach functionality that could lead to directory deletion.
Exploitation of this vulnerability could result in unauthorized deletion of directories within the application, potentially leading to loss of important data or disruption of application functionality.
To reproduce this vulnerability, an authorized user with administrator rights can send a POST request to the '/translations/locales/remove' endpoint. The request must include a 'remove-locale' parameter with a value that specifies the path of the directory to be deleted. This can be done by navigating to the translations management section of the FreeScout application and using the translation manager to remove a locale, which will trigger the vulnerable code that deletes the specified directory.
Users are advised to update to FreeScout version 1.8.180 or later, where this vulnerability has been patched.
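One way to implement the kind of input check whose absence is described above, as an added example that is not FreeScout's or the Translation Manager package's code and not the actual patch. The helper name resolveLocaleDir, the directory layout and the sample values are assumptions constructed for illustration.

```php
<?php
// Added example (hypothetical helper, not the project's code).
// Resolves a locale directory that is about to be removed and returns null
// unless the value is a plain locale name directly under the language root.
function resolveLocaleDir(string $langRoot, string $locale): ?string
{
    // Accept only locale-shaped names such as "de", "pt-BR", "zh_CN".
    // Separators, dots and empty values fail here.
    if (!preg_match('/\A[A-Za-z]{2,3}([_-][A-Za-z0-9]{2,8})*\z/', $locale)) {
        return null;
    }

    $root   = realpath($langRoot);
    $target = realpath($langRoot . DIRECTORY_SEPARATOR . $locale);
    if ($root === false || $target === false || !is_dir($target)) {
        return null; // language root or locale directory does not exist
    }

    // The canonical path must be a direct child of the language root.
    // This also rejects a symlink that points somewhere else.
    if (dirname($target) !== $root) {
        return null;
    }
    return $target;
}

// Constructed sample layout in a temporary directory.
$base = sys_get_temp_dir() . '/locale-demo-' . bin2hex(random_bytes(4));
mkdir("$base/lang/de", 0700, true);
mkdir("$base/storage", 0700, true);

// Constructed values for the 'remove-locale' parameter.
$samples = ['de', 'fr', '..', '../storage', 'de/../../storage', "$base/storage"];
foreach ($samples as $value) {
    $dir = resolveLocaleDir("$base/lang", $value);
    printf("%-40s => %s\n", $value, $dir === null ? 'rejected' : 'allowed');
}

// Remove the sample layout again.
rmdir("$base/lang/de");
rmdir("$base/lang");
rmdir("$base/storage");
rmdir($base);
```

Only "de" is allowed. "fr" is rejected because no such directory exists, and every other value fails the name pattern before any filesystem path is built.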