CVE-2007-6316 Information

Description

Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server before 3.8 allows remote attackers to inject arbitrary web script or HTML via the URI path in an HTTP GET request which is activated by administrators viewing log files via the Trace page.

Reference

http://aluigi.altervista.org/adv/barradrive-adv.txt http://secunia.com/advisories/28032 http://securityreason.com/securityalert/3434 http://www.securityfocus.com/archive/1/484833/100/0/threaded http://www.securityfocus.com/bid/26805