FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS is enabled, direct conversation view correctly blocks users who are neither the assignee nor the creator. The save_draft AJAX path is weaker. A direct POST can create a draft inside a conversation that is hidden in the UI. Version 1.8.215 fixes the vulnerability.
Exploitability: AV:N, AC:L, PR:L, UI:N
Scope: S:U
Impact: C:L, I:H, A:N
7.1 / CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
Access Control
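The mismatch described above, modeled as an added PHP example (not FreeScout's code; the class, the function names and the sample ids are assumptions made for illustration). It shows the draft write path before and after it is routed through the same assignee-or-creator policy that the conversation view applies.

```php
<?php
declare(strict_types=1);

// Illustrative model only: names and fields are assumptions,
// not FreeScout's actual classes or routes. Sample data is constructed.
final class Conversation
{
    public function __construct(public int $id, public ?int $assigneeId, public int $creatorId) {}
}

// Single policy shared by every entry point (page view and AJAX alike).
function canAccessConversation(int $userId, Conversation $c, bool $showOnlyAssigned): bool
{
    if (!$showOnlyAssigned) {
        return true; // restriction disabled: normal mailbox access applies
    }
    return $userId === $c->assigneeId || $userId === $c->creatorId;
}

// "Before": the draft handler trusts the posted conversation id.
function saveDraftUnchecked(int $userId, Conversation $c, string $body): array
{
    return ['status' => 'success', 'conversation_id' => $c->id, 'author' => $userId, 'body' => $body];
}

// "After": the same policy as the view path runs before any write.
function saveDraftChecked(int $userId, Conversation $c, string $body, bool $showOnlyAssigned): array
{
    if (!canAccessConversation($userId, $c, $showOnlyAssigned)) {
        return ['status' => 'error', 'msg' => 'forbidden'];
    }
    return saveDraftUnchecked($userId, $c, $body);
}

// Constructed sample: conversation 42 assigned to user 7, created by user 3.
$conv = new Conversation(42, 7, 3);
$flag = true; // models APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS being enabled

foreach ([7, 3, 9] as $uid) {
    printf(
        "user %d  view=%s  unchecked=%s  checked=%s\n",
        $uid,
        canAccessConversation($uid, $conv, $flag) ? 'allow' : 'deny',
        saveDraftUnchecked($uid, $conv, 'draft')['status'],
        saveDraftChecked($uid, $conv, 'draft', $flag)['status'],
    );
}
```

For user 9, who is neither assignee nor creator, the view decision is deny while the unchecked handler still reports success; the checked handler returns an error, matching the view.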