3 matches found
CVE-2022-3709
A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3709
A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3709
The CVE-2022-3709 entry describes a stored XSS in Sophos Firewall’s Webadmin import group wizard that enables a regular admin to escalate to super-admin privileges on versions older than 19.5 GA. Affected product: Sophos Firewall (Webadmin import group wizard). Root cause: stored cross-site scrip...