Stored XSS Vulnerability in Sophos Firewall Webadmin Import Group Wizard

CVE-2022-3709 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA.

Learn more about our Web App Pen Testing.