Vulnerabilities > Sophos > Email Appliance

DATE CVE VULNERABILITY TITLE RISK
2023-11-30 CVE-2021-36806 Cross-site Scripting vulnerability in Sophos Email Appliance
A reflected XSS vulnerability allows an open redirect when the victim clicks a malicious link to an error page on Sophos Email Appliance older than version 4.5.3.4.
network
low complexity
sophos CWE-79
6.1
6.1
2008-07-15 CVE-2008-3177 Configuration vulnerability in Sophos products
Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments.
network
low complexity
sophos CWE-16
5.0
5.0