Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN prior to 2.2.2.203 (2012-07-05) allow remote malicious users to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
barracudanetworks barracuda ssl vpn 1.5.0.29 |
||
barracudanetworks barracuda ssl vpn 1.2.6.004 |
||
barracudanetworks barracuda ssl vpn |