Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to end-user/ftp_redirect.php, or (4) threat parameter to the Blocked component.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sophos Web Appliance 多个跨站脚本漏洞
Vulnerability Description
Sophos Web Appliance(SWA)是英国Sophos公司的一套Web安全网关产品。该产品支持实时网络威胁防护、自定义Web过滤和动态控制应用程序等。 Sophos Web Appliance 3.7.8.1及之前版本中存在跨站脚本漏洞,该漏洞源于rss.php脚本没有充分过滤‘xss’参数,end-user/errdoc.php脚本没有充分过滤‘msg’参数,end-user/ftp_redirect.php脚本没有充分过滤‘h’参数,Blocked组件没有充分过滤‘threat’参数。远
CVSS Information
N/A
Vulnerability Type
N/A