CVE-2022-3710
Sophos Firewall (pre-19.5 GA) is affected by a post-auth, read‑only SQL injection in the API controller that enables API clients to read non‑sensitive configuration data from the configuration database. The vulnerability’s exploit is described as read access without altering data (impact: confide...