It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Help Center / Reference

BNSEC-00246 XSS-NP, Auth vulnerability in multiple products

  • Type: Knowledgebase
  • Date changed: 2 years ago

Solution #00006520


Fixed in Spam Firewall 6.0.0
Fixed in Message Archiver
Fixed in Link Balancer

Severity: Low


The product versions listed above contain a non-persistent XSS vulnerability. To trigger this attack an attacker must authenticate as an administrative user prior to delivering the attack. The attack provides no privilege escalation.

To ensure maximum protection Barracuda Networks recommends that all customers upgrade to the latest generally available firmware and enable all definition updates.


Adi Volkovitz,Ashish Kamble,Ashkan Jahanbakhsh,David Niedermaier,Ebrahim Hegazy,John Carroll,Jon of Bitquark,Mohammed Abdelkader,Nitin Goplani,Phil Purviance,w4rri0r,Zakaria Amous

Link to this page: