Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2021/Dec/3 | Exploit Mailing List Third Party Advisory |
https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Sophos
Published: 2021-07-29T19:17:34
Updated: 2021-12-03T18:06:08
Reserved: 2021-01-15T00:00:00
Link: CVE-2021-25273
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-07-29T20:15:07.580
Modified: 2021-12-16T18:38:53.303
Link: CVE-2021-25273
JSON object: View
Redhat Information
No data.
CWE