CVE-2007-5058

2007-09-2422:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.042

Percentile

92.4%

JSON

Cross-site scripting (XSS) vulnerability in the Web administration interface in Barracuda Spam Firewall before firmware 3.5.10.016 allows remote attackers to inject arbitrary web script or HTML via the username field in a login attempt, which is not properly handled when the Monitor Web Syslog screen is open.

References

osvdb.org/38156

secunia.com/advisories/26937

securityreason.com/securityalert/3164

www.barracudanetworks.com/ns/support/tech_alert.php

www.infobyte.com.ar/adv/ISR-15.html

www.securityfocus.com/archive/1/480238/100/0/threaded

www.securityfocus.com/bid/25757

www.securitytracker.com/id?1018733

www.vupen.com/english/advisories/2007/3257

exchange.xforce.ibmcloud.com/vulnerabilities/36716