FreeScout 1.8.181
27 May 2025
FreeScout version 1.8.181 is now available (security release).
Upgrading to FreeScout 1.8.181
FreeScout 1.8.181 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply FreeScout updates as new versions are released, or use Installatron's Clone feature to duplicate an existing FreeScout install to test the 1.8.181 upgrade prior to applying it live. Get started managing your FreeScout installations with Installatron
What's New in FreeScout 1.8.181
1.8.181
Security
- Eliminate possibility of race condition when deleting a user.
- Strip tags in User::setData() method.
- Take into account APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS option when deleting a conversation.
Fixed
- Fixed error occurring on creating mailbox (#4800)
- Do not trim values enclosed in quotes in sanitiseVariableValue() function (#4714)
- Show translated messages when activating or deactivating modules.
Changes
- Suppress "Duplicate entry" error when fetching emails (#4795)
1.8.180
Security
- Take into account APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS option in ConversationPolicy.php
- Take into account APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS option when changing conversation subject.
- Take into account APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS option when following or unfollowing conversation.
- Take into account APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS option on customer Conversation tab.
- Take into account APP_LIMIT_USER_CUSTOMER_VISIBILITY option on customer profile page.
- Do not allow to change user password in profileSave() function.
- Fixed UserPolicy.php update method.
- Do not allow regular users change other users emails when PERM_EDIT_USERS enabled.
- Limit fields which can be updated on mailbox Settings and Auto Reply pages.
- Limit fields which can be updated during user creation.
- Check language name when deleting a language from Translate page.
- Limit fields which can be updated in OpenController userSetupSave() function.
- Limit fields which can be updated during updating of a customer.
- Remove also unclosed restricted tags in Helper::stripDangerousTags() function.
- Escape customer name in the customer updated flash message.
- Escape company name displayed in the "Welcome to Company" flash message.
- Strip dangerous tags when publishing translations.
- Strip dangerous tags in /system/ajax-html/job_details/ modal.
- Sanitize name field when creating a mailbox.
Fixed
- Fixed German translation (#4776)
- Fixed CSP issue when embedding an iframe (#4777)
- Make setCookie() function cross-browser in main.js (#4793)
- Set same_site back to null in session config (#4769)
