Cross-Site Scripting Vulnerability in Barracuda Spam Firewall by Barracuda Networks
CVE-2007-5058

Currently unrated

Key Information:

Vendor: Barracuda Networks
Status: Barracuda Spam Firewall
Vendor: CVE Published:; 24 September 2007

🔔 Create Barracuda Networks Vulnerability Alert

What is CVE-2007-5058?

A Cross-Site Scripting (XSS) vulnerability exists in the Web administration interface of Barracuda Spam Firewall. This flaw permits remote attackers to inject arbitrary web scripts or HTML through the username field during login attempts. It specifically manifests when users access the Monitor Web Syslog screen, where the inputs are not properly sanitized. Consequently, this can lead to potential exploitation, allowing attackers to take control of user sessions or conduct phishing attacks.

References

http://www.securityfocus.com/archive/1/480238/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.vupen.com/english/advisories/2007/3257

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/36716

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 24, 2007
Vulnerability Reserved
Sep 24, 2007

JSON