PT-2023-15910 · Sophos · Sophos Connect
Name of the Vulnerable Software and Affected Versions: Sophos Connect versions prior to 2.2.90 Description: The issue allows Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim. This is achieved through multiple stored XSS...