cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-48309,https://securityvulnerability.io/vulnerability/CVE-2022-48309,,A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90.,Sophos,Sophos Connect Client,4.3,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2023-03-01T00:00:00.000Z,0
CVE-2022-4901,https://securityvulnerability.io/vulnerability/CVE-2022-4901,,Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim.,Sophos,Sophos Connect Client,3.3,LOW,0.0007200000109151006,false,false,false,false,,false,false,2023-03-01T00:00:00.000Z,0
CVE-2022-48310,https://securityvulnerability.io/vulnerability/CVE-2022-48310,,An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90.,Sophos,Sophos Connect Client,5.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-03-01T00:00:00.000Z,0
CVE-2021-25265,https://securityvulnerability.io/vulnerability/CVE-2021-25265,,A malicious website could execute code remotely in Sophos Connect Client before version 2.1.,Sophos,Sophos Connect Client,8.8,HIGH,0.003060000017285347,false,false,false,false,,false,false,2021-03-22T17:24:28.000Z,0