2 matches found
CVE-2022-3711
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3711
CVE-2022-3711 affects Sophos Firewall (User Portal) and is a post-auth, read-only SQL injection that enables reading non-sensitive configuration database contents. The issue exists in releases older than 19.5 GA. Root cause: SQL injection in the User Portal component, allowing an authenticated us...