CVE-2013-2643

Sophos Web Appliance <3.7.8.2 - XSS


Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-2643. PoCs published by SEC Consult.

AI-analyzed exploit summary

This is a detailed security advisory from SEC Consult describing multiple vulnerabilities in Sophos Web Protection Appliance, including unauthenticated local file disclosure, OS command injection, and reflected XSS. It provides proof-of-concept examples for each vulnerability.

Description

Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to end-user/ftp_redirect.php, or (4) threat parameter to the Blocked component.
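The description names the three endpoints and the four parameters that reflect input, which is enough to write both a verification probe and a log check. The following is an added example written for this page (it is not code from EIP, Sophos or the SEC Consult advisory). It assumes the paths are relative to the appliance's web root, uses a marker tag that renders nothing so a probe never executes script, and scans constructed Apache-style access-log lines; the helper names, the marker and the sample lines are all assumptions. Vector (4), the threat parameter of the Blocked component, has no URL path on the page and is therefore not probed.

```python
"""Probe builder, response classifier and log check for CVE-2013-2643
(reflected XSS in Sophos Web Appliance before 3.7.8.2).
Added example for this page; endpoint paths and parameter names come from the
CVE description, everything else (marker, helper names, sample data) is
constructed for illustration."""
import html
import re
from urllib.parse import parse_qs, unquote, urlencode, urljoin, urlsplit

# Injection points (path, parameter, extra query parameters) from the CVE text.
# The "threat" parameter of the Blocked component has no path on the page.
VECTORS = [
    ("rss.php", "xss", {"action": "allow"}),
    ("end-user/errdoc.php", "msg", {}),
    ("end-user/ftp_redirect.php", "h", {}),
]

# Benign marker (assumed name): an unknown element renders nothing, so a probe
# shows whether input is reflected unescaped without running any script.
MARKER = "<eipprobe123></eipprobe123>"


def build_probes(base_url, marker=MARKER):
    """Return {"path?param": url} GET requests placing the marker in each parameter."""
    probes = {}
    for path, param, extra in VECTORS:
        params = dict(extra)
        params[param] = marker
        url = urljoin(base_url.rstrip("/") + "/", path) + "?" + urlencode(params)
        probes[f"{path}?{param}"] = url
    return probes


def classify_reflection(body, marker=MARKER):
    """'raw' if the marker is reflected unescaped (vulnerable), 'escaped' if only
    its HTML-entity form appears (fixed), 'absent' if it is not reflected."""
    if marker in body:
        return "raw"
    if html.escape(marker, quote=False) in body:
        return "escaped"
    return "absent"


# Common-log-format line: ip ident user [ts] "METHOD URI PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) \S+" (?P<status>\d{3})'
)
# Markup or handler characters that have no business in these parameters.
SUSPICIOUS = re.compile(r"[<>]|javascript:|on\w+\s*=", re.I)


def find_xss_attempts(lines):
    """Return (ip, path, param, decoded_value) for requests that put markup
    into one of the vulnerable parameters."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m["uri"])
        path = parts.path.lstrip("/")
        for vpath, param, _ in VECTORS:
            if path != vpath and not path.endswith("/" + vpath):
                continue
            # parse_qs decodes once; decode again to catch double-encoded payloads.
            for value in parse_qs(parts.query).get(param, []):
                decoded = unquote(value)
                if SUSPICIOUS.search(decoded):
                    hits.append((m["ip"], vpath, param, decoded))
    return hits


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [18/Mar/2014:10:00:01 +0000] "GET /end-user/errdoc.php?msg=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 512',
    '203.0.113.5 - - [18/Mar/2014:10:00:02 +0000] "GET /end-user/ftp_redirect.php?h=ftp.example.com HTTP/1.1" 302 0',
    '198.51.100.7 - - [18/Mar/2014:10:00:03 +0000] "GET /rss.php?action=allow&xss=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for name, url in build_probes("https://appliance.example").items():
        print(name, "->", url)
    for hit in find_xss_attempts(SAMPLE_LOG):
        print("suspicious:", hit)
```

A fixed appliance should return "escaped" (or "absent") for every probe; "raw" on any of them means the parameter is still reflected without output encoding. The log check is deliberately narrow (only the listed paths and parameters), which keeps false positives low on an appliance whose other pages legitimately carry angle brackets in query strings.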

Exploits (1)

exploitdb WRITEUP
by SEC Consult · text · webapps · linux
https://www.exploit-db.com/exploits/24932


Classification
Writeup 100%
Attack Type
Info Leak | RCE | XSS
Complexity
Trivial
Reliability
Reliable
Target: Sophos Web Protection Appliance <= 3.7.8.1
No auth needed
Prerequisites: Network access to the target appliance
devstral-2 · analyzed Feb 16, 2026

Scores

EPSS 0.0453
EPSS Percentile 90.4%

Details

CWE
CWE-79
Status published
Products (2)
sophos/web_appliance
sophos/web_appliance_firmware <= 3.7.8.1
Published Mar 18, 2014
Tracked Since Feb 18, 2026