It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Help Center / Reference

BNSEC-00703 Authenticated, persistent XSS vulnerability in Message Archiver

  • Type: Knowledgebase
  • Date changed: 2 years ago

Solution #00006604

Scope:

Fixed in Message Archiver 3.2.0.026

Severity: Medium

Description:

Barracuda message Archiver is vulnerable to an authenticated persistent XSS in the versions listed above. The vulnerability allows remote attackers to inject persistent malicious script via the web interface of the device. The attacker must have partial admin privileges in order to execute the attack. In practice this vulnerability may be exploitable.

To ensure maximum protection Barracuda Networks recommends that all customers upgrade to the latest generally available firmware and enable all definition updates.

Credits:

Vulnerability Lab

Link to this page:

https://campus.barracuda.com/solution/501600000013lXeAAI