CVE-2022-48309
CVE-2022-48309 is a CSRF vulnerability in Sophos Connect prior to 2.2.90. Exploitation could allow a malicious site to retrieve logs and technical support archives, impacting confidentiality (CVSS v3.1 base score 4.3, MEDIUM). Affected product: Sophos Connect (versions before 2.2.90). Root cause:...