Knowledgebase

Barracuda's award-winning technical support is available 24x7 worldwide.
Your time is valuable, which is why we will always connect you with a live person.


BNSEC-02398: Authenticated non-persistent XSS in Barracuda Firewall v6.1.2

Solution #00006613

Scope:

Barracuda Firewall v6.1.2 and earlier (resolved in 6.1.2)

Severity: Low

Description:

The Barracuda Firewall in the versions listed above is susceptible to an authenticated non-persistent cross-site scripting attack (XSS). Requires administrative privileges. Due to the authenticated nature of this attack, it poses little risk.

For maximum protection, Barracuda Networks recommends that all customers ensure that their attack and security definitions are set to On and to upgrade to the latest generally available release of the firmware and security definitions.

Credits:

Benjamin Mejri of Vulnerability Labs

Link to this page:

http://www.barracuda.com/kb?id=501600000013m1P