Full title: Sophos Web Appliance 4.2.1.3 Privilege Escalation Vulnerability 
Category: web applications
Platform: php
Sophos Web Appliance version 4.2.1.3 suffers from a privilege escalation vulnerability. An unprivileged user can obtain an MD5 hash of the administrator password which can then be used to discover the plain-text password.

# 0day.today @ http://0day.today/