CVE-2016-3968

Multiple cross-site scripting XSS vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web scrip...

CVE-2016-3968

CVE-2016-3968 affects Sophos Cyberoam CR100iNG UTM (FW 10.6.3 MR-1 build 503) and CR35iNG UTM (FW 10.6.2 MR-1 build 383, and FW 10.6.2 build 378). The vulnerability is cross-site scripting (XSS) via web parameters in LiveConnections.jsp and LiveConnectionDetail.jsp (specifically ipFamily in LiveC...