XSS Vulnerabilities in Webadmin: Privilege Escalation in Sophos Firewall

XSS Vulnerabilities in Webadmin: Privilege Escalation in Sophos Firewall

CVE-2021-25268 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA.

Learn more about our Web App Pen Testing.