CVE-2008-2333

Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
barracuda_networksbarracuda_spam_firewall
𝑥
≤ 3.5.11.020
barracuda_networksbarracuda_spam_firewall
3.1.10
barracuda_networksbarracuda_spam_firewall
3.1.16
barracuda_networksbarracuda_spam_firewall
3.1.17
barracuda_networksbarracuda_spam_firewall
3.1.18
barracuda_networksbarracuda_spam_firewall
3.3.0.54
barracuda_networksbarracuda_spam_firewall
3.3.01.001
barracuda_networksbarracuda_spam_firewall
3.3.3
barracuda_networksbarracuda_spam_firewall
3.3.03.053
barracuda_networksbarracuda_spam_firewall
3.3.03.055
barracuda_networksbarracuda_spam_firewall
3.3.15.026
barracuda_networksbarracuda_spam_firewall
3.4
barracuda_networksbarracuda_spam_firewall
3.4.10.102
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/30362
http://www.barracudanetworks.com/ns/support/tech_alert.php
http://www.irmplc.com/index.php/168-Advisory-027
http://www.securityfocus.com/archive/1/492475/100/0/threaded
http://www.securityfocus.com/bid/29340
http://www.securitytracker.com/id?1020108
http://www.vupen.com/english/advisories/2008/1627/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42594
http://secunia.com/advisories/30362
http://www.barracudanetworks.com/ns/support/tech_alert.php
http://www.irmplc.com/index.php/168-Advisory-027
http://www.securityfocus.com/archive/1/492475/100/0/threaded
http://www.securityfocus.com/bid/29340
http://www.securitytracker.com/id?1020108
http://www.vupen.com/english/advisories/2008/1627/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42594