Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-cq42-2gfv-949c

Опубликовано: 01 мар. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 6.1

Описание

Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim.

Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim.

Ссылки

EPSS

Процентиль: 41%
0.00187
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-4901

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2022-4901

CVSS3: 3.3
nvd
почти 3 года назад

Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim.

EPSS

Процентиль: 41%
0.00187
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-4901

Дефекты

CWE-79