CVE-2014-2385

Name of the Vulnerable Software and Affected Versions Sophos Anti-Virus for Linux versions prior to 9.6.1

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the web UI. These vulnerabilities allow local users to inject arbitrary web script or HTML via specific parameters, including newListList:ExcludeFileOnExpression, newListList:ExcludeFilesystems, newListList:ExcludeMountPaths to exclusion/configure, and text:EmailServer or newListList:Email to notification/configure.

Recommendations For Sophos Anti-Virus for Linux versions prior to 9.6.1, update to version 9.6.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the exclusion/configure and notification/configure endpoints to minimize the risk of exploitation. Avoid using the vulnerable parameters newListList:ExcludeFileOnExpression, newListList:ExcludeFilesystems, newListList:ExcludeMountPaths, text:EmailServer, and newListList:Email in the affected API endpoints until the issue is resolved.