CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-25268
https://notcve.org/view.php?id=CVE-2021-25268
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA. Múltiples vulnerabilidades de tipo XSS en Webadmin permiten la escalada de privilegios de MySophos admin a SFOS admin en Sophos Firewall versiones anteriores a 19.0 GA • https://www.sophos.com/en-us/security-advisories/sophos-sa-20220505-sfos-19-0-0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-25267
https://notcve.org/view.php?id=CVE-2021-25267
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 19.0 GA. Múltiples vulnerabilidades de tipo XSS en Webadmin permiten una escalada de privilegios de admin a super-admin en Sophos Firewall versiones anteriores a 19.0 GA • https://www.sophos.com/en-us/security-advisories/sophos-sa-20220505-sfos-19-0-0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •