Cross-Site Scripting Flaw in BarracudaDrive Web Server by Barracuda Networks
CVE-2007-6316

Currently unrated

Key Information:

Vendor: Real Time Logic
Status: Barracudadrive Web Server; Barracudadrive Web Server Home Server
Vendor: CVE Published:; 12 December 2007

🔔 Create Real Time Logic Vulnerability Alert

What is CVE-2007-6316?

A Cross-Site Scripting (XSS) vulnerability exists in BarracudaDrive Web Server prior to version 3.8, allowing attackers to inject arbitrary web scripts or HTML. This is executed when an administrator views log files on the Trace page, which can lead to unauthorized access and manipulation of web content, compromising the security of the server and its users.

References

http://www.securityfocus.com/archive/1/484833/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/28032

third-party-advisoryx_refsource_SECUNIA

http://aluigi.altervista.org/adv/barradrive-adv.txt

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2007
Vulnerability Reserved
Dec 11, 2007

CVE-2007-6316 Data

JSON