Solution #00006606
Scope:
Fixed in Spam Firewall 6.0.2.001,5.1.3.006
Severity: Low
Description:
This vulnerability is a non-persistent XSS. Successful exploitation requires an authenticated user to manipulate his own request to deliver a script payload. The attack has not been found to result in any privilege escalation and is considered a code hygiene problem and not a vulnerability.
To ensure maximum protection Barracuda Networks recommends that all customers upgrade to the latest generally available firmware and enable all definition updates.
Credits:
hauntit blog,Vulnerability Lab,William Costa,Yogesh D Jaygadkar
Link to this page:
https://campus.barracuda.com/solution/501600000013lYIAAY