It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Help Center / Reference

BNSEC-01052 Authenticated, non-persistent XSS, remotely exploitable vulnerability in Spam Firewall

  • Type: Knowledgebase
  • Date changed: 2 years ago

Solution #00006606

Scope:

Fixed in Spam Firewall 6.0.2.001,5.1.3.006

Severity: Low

Description:

This vulnerability is a non-persistent XSS. Successful exploitation requires an authenticated user to manipulate his own request to deliver a script payload. The attack has not been found to result in any privilege escalation and is considered a code hygiene problem and not a vulnerability.

To ensure maximum protection Barracuda Networks recommends that all customers upgrade to the latest generally available firmware and enable all definition updates.

Credits:

hauntit blog,Vulnerability Lab,William Costa,Yogesh D Jaygadkar

Link to this page:

https://campus.barracuda.com/solution/501600000013lYIAAY