Cross-Site Scripting in Sophos Anti-Virus for Linux Web UI
CVE-2014-2385

Currently unrated

Key Information:

Vendor
Sophos
Vendor
CVE Published:
22 July 2014

Summary

Multiple vulnerabilities in the web UI of Sophos Anti-Virus for Linux allow local users to execute arbitrary web scripts or HTML. By manipulating specific parameters, including 'ExcludeFileOnExpression', 'ExcludeFilesystems', and 'Email', attackers can compromise the application's configuration and potentially launch further attacks.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.