Hi all,
My client is currently using UTM 9 on 9.405-5. My client is concerned about the vulnerability released last week CVE-2016-7442 and CVE-2016-7397.
Vulnerability Details:
The password is reflected to DOM and is readable through the "value" field of the SMTP user settings in notifications tab. You have to be authenticated to access the configuration tab.
Has Sophos got any fix for this?
Cheers
Hunt
This thread was automatically locked due to age.
