First published: Fri Jun 30 2023(Updated: )
Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sophos Web Appliance | =4.3.9.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The CVE ID of this vulnerability is CVE-2023-33336.
The severity of CVE-2023-33336 is medium with a CVSS score of 4.8.
The affected software is Sophos Web Appliance version 4.3.9.1.
CVE-2023-33336 is a reflected cross-site scripting (XSS) vulnerability discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes.
To fix CVE-2023-33336, it is recommended to update Sophos Web Appliance to a patched version provided by the vendor.