Barracuda Spam and Virus Firewall Cross Site Scripting Vulnerability
BID:68914
Info
Barracuda Spam and Virus Firewall Cross Site Scripting Vulnerability
| Bugtraq ID: | 68914 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 25 2014 12:00AM |
| Updated: | Jul 25 2014 12:00AM |
| Credit: | Yogesh Jaygadkar, Jakub Galczyk, Vulnerability Lab, and William Costa |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Barracuda Spam and Virus Firewall Cross Site Scripting Vulnerability
Barracuda Spam and Virus Firewall is prone to cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Barracuda Spam and Virus Firewall is prone to cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Exploit / POC
Barracuda Spam and Virus Firewall Cross Site Scripting Vulnerability
An attacker can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.
An attacker can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.