CNNVD-202507-3752 Information
CNNVD ID
CNNVD-202507-3752
Related CVE
- CNNVD Published: 2025-07-30
Description (Chinese)
Barracuda Message Archiver是美国Barracuda公司的一个电子邮件归档平台。 Barracuda Message Archiver存在安全漏洞,该漏洞源于error参数允许直接写入JavaScript或HTML,可能导致跨站脚本攻击。
Description (English)
Barracuda Message Archiver is an e-mail filing platform for Barracuda in the United States. Barracuda Message Archiver has a security loophole, which stems from the error parameter allowing direct writing to JavaScript or HTML, which may lead to a cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Barracuda
Published
2025-07-30
Last Modified
2026-02-24
References
https://bugcrowd.com/disclosures/30a330ef-0885-458c-a64f-2ad63d196b4d/dom-based-cross-site-scripting-xss-with-keylogger-injection-via-the-error-parameter-in-barracuda-mail-archiver https://access.redhat.com/security/cve/cve-2025-8319
Patch
https://www.barracuda.com/products/email-protection/message-archiver
Share on: