SQL Injection Vulnerability in Watchguard XCS 9.2 and 10.0 before Build 150522

SQL Injection Vulnerability in Watchguard XCS 9.2 and 10.0 before Build 150522

CVE-2015-5452 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3.

Learn more about our Web Application Penetration Testing UK.