Barracuda's award-winning technical support is available 24x7 worldwide.
Your time is valuable, which is why we will always connect you with a live person.
BNSEC-00703 Authenticated, persistent XSS vulnerability in Message Archiver
Fixed in Message Archiver 3.2.0.026
Barracuda message Archiver is vulnerable to an authenticated persistent XSS in the versions listed above. The vulnerability allows remote attackers to inject persistent malicious script via the web interface of the device. The attacker must have partial admin privileges in order to execute the attack. In practice this vulnerability may be exploitable.
To ensure maximum protection Barracuda Networks recommends that all customers upgrade to the latest generally available firmware and enable all definition updates.
Link to this page: