CVE-2025-8319 Information
Jul 31, 2025
cve
Description
the BMA login interface allows arbitrary JavaScript or HTML to be written straight into the page’s Document Object Model via the error= URL parameter
Reference
https://bugcrowd.com/disclosures/30a330ef-0885-458c-a64f-2ad63d196b4d/dom-based-cross-site-scripting-xss-with-keylogger-injection-via-the-error-parameter-in-barracuda-mail-archiver https://bugcrowd.com/disclosures/30a330ef-0885-458c-a64f-2ad63d196b4d/dom-based-cross-site-scripting-xss-with-keylogger-injection-via-the-error-parameter-in-barracuda-mail-archiver
Related CNNVD
CNNVD-202507-3752 (Published: 2025-07-30)
Share on: