PT-2023-2880 · Sophos · Sophos Web Appliance

Published: 2023-04-04 · Updated: 2025-02-11 · CVE-2020-36692

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N
Name of the Vulnerable Software and Affected Versions: Sophos Web Appliance versions older than 4.3.10.4

Description: A reflected cross-site scripting (XSS) vulnerability via POST in the report scheduler allows execution of JavaScript code in the victim's browser. Exploitation requires a malicious form that the victim manually submits while logged in to SWA. The issue exists because the web page structure is inadequately protected, so a remote attacker can potentially execute arbitrary JavaScript code using a specially crafted form.

Recommendations: For Sophos Web Appliance versions older than 4.3.10.4, update to version 4.3.10.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the report scheduler to minimize the risk of exploitation. Until the issue is resolved, avoid submitting forms from untrusted sources while logged in to SWA.

Fix

XSS

Weakness Enumeration

Related Identifiers

BDU:2023-02835
CVE-2020-36692

Affected Products

Sophos Web Appliance