← back
CVE-2021-36806

CVE-2021-36806

CVSS 4.7 MEDIUMEPSS 0.4%CWE-79
A reflected XSS vulnerability allows an open redirect when the victim clicks a malicious link to an error page on Sophos Email Appliance older than version 4.5.3.4.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Affected products
Sophos · Sophos Email Appliance

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://community.sophos.com/email-appliance/b/blog/posts/sophos-email-appliance-version-4-5-3-4-released