Solution #00006520
Scope:
Fixed in Spam Firewall 6.0.0
Fixed in Message Archiver 3.0.0.008
Fixed in Link Balancer 2.5.0.027
Severity: Low
Description:
The product versions listed above contain a non-persistent XSS vulnerability. To trigger this attack an attacker must authenticate as an administrative user prior to delivering the attack. The attack provides no privilege escalation.
To ensure maximum protection Barracuda Networks recommends that all customers upgrade to the latest generally available firmware and enable all definition updates.
Credits:
Adi Volkovitz,Ashish Kamble,Ashkan Jahanbakhsh,David Niedermaier,Ebrahim Hegazy,John Carroll,Jon of Bitquark,Mohammed Abdelkader,Nitin Goplani,Phil Purviance,w4rri0r,Zakaria Amous
Link to this page:
https://campus.barracuda.com/solution/501600000013gvcAAA