Lucene search
Sophos Connect Client Security Vulnerabilities
cve
Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the...
6.1CVSS
5.9AI Score
0.001EPSS
2023-03-01 07:15 PM
25
cve
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than...
5.5CVSS
5.2AI Score
0.0004EPSS
2023-03-01 07:15 PM
38
cve
A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than...
4.3CVSS
4.6AI Score
0.0005EPSS
2023-03-01 07:15 PM
29
cve
A malicious website could execute code remotely in Sophos Connect Client before version...
8.8CVSS
8.8AI Score
0.003EPSS
2021-03-22 06:15 PM
23