Summary
Barracuda IM Firewall is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user- supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Barracuda IM Firewall 620 Firmware v4.0.01.003 is vulnerable other
versions may also be affected.
References
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
- Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities
- Adobe ColdFusion HTTP Response Splitting Vulnerability
- Apple Safari Multiple Vulnerabilities
- Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability