Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the...
6.1CVSS
6AI Score
0.001EPSS
A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than...
4.3CVSS
4.6AI Score
0.0005EPSS
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than...
5.5CVSS
5.2AI Score
0.0004EPSS
A malicious website could execute code remotely in Sophos Connect Client before version...
8.8CVSS
8.7AI Score
0.003EPSS