2017-03-30 17:00:00
mitre
PUBLISHED
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machines interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.