Sophos · Sophos Firewall · CVE-2021-25267
**Name of the Vulnerable Software and Affected Versions**
Sophos Firewall versions prior to 19.0 GA
**Description**
Multiple cross-site scripting (XSS) vulnerabilities in the Webadmin component of Sophos Firewall allow privilege escalation from admin to super-admin.
**Recommendations**
For Sophos Firewall versions prior to 19.0 GA, update to version 19.0 GA or later to resolve the issue. As a temporary workaround until the update is applied, restrict access to the Webadmin component to reduce the risk of exploitation.