In Sophos Web Appliance (SWA) prior to 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sophos web appliance |