cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2020-36692,https://securityvulnerability.io/vulnerability/CVE-2020-36692,,A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA.,Sophos,Sophos Web Appliance,6.5,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2023-04-04T00:00:00.000Z,0
CVE-2023-1671,https://securityvulnerability.io/vulnerability/CVE-2023-1671,,A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.,Sophos,Sophos Web Appliance,9.8,CRITICAL,0.9571499824523926,true,true,false,true,true,false,false,2023-04-04T00:00:00.000Z,0
CVE-2022-4934,https://securityvulnerability.io/vulnerability/CVE-2022-4934,,A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code.,Sophos,Sophos Web Appliance,7.2,HIGH,0.0009399999980814755,false,false,false,false,,false,false,2023-04-04T00:00:00.000Z,0