DOM-Based Cross-Site Scripting Vulnerability in Barracuda Mail Archiver Login Interface
CVE-2025-8319

Currently unrated

Key Information:

Vendor: Barracuda Networks
Status: Barracuda Mail Archiver
Vendor: CVE Published:; 30 July 2025

🔔 Create Barracuda Networks Vulnerability Alert

What is CVE-2025-8319?

The Barracuda Mail Archiver's login interface is susceptible to a DOM-based Cross-Site Scripting (XSS) vulnerability. This flaw allows an attacker to inject arbitrary JavaScript or HTML directly into the Document Object Model (DOM) through manipulation of the error= URL parameter. Such exploitation can lead to unauthorized access, data leakage, and potentially compromise user sessions. Organizations using the affected versions of Barracuda Mail Archiver should take immediate action to mitigate this vulnerability to protect their systems and sensitive data.

References

https://bugcrowd.com/disclosures/30a330ef-0885-458c-a64f-...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2025