Sophos Sophos Web Appliance
3 CVEs affecting Sophos Sophos Web Appliance. Latest disclosed: 2023-04-04. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-1671 | Critical | 9.8 | 2023-04-04 | A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. |
CVE-2022-4934 | High | 7.2 | 2023-04-04 | A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitr… |
CVE-2020-36692 | Medium | 6.5 | 2023-04-04 | A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the vict… |