Loading
Generated remediation guidance and an executive summary. No account required.
Cross-site scripting (XSS) vulnerability in the Web administration interface in Barracuda Spam Firewall before firmware 3.5.10.016 allows remote attackers to inject arbitrary web script or HTML via the username field in a login attempt, which is not properly handled when the Monitor Web Syslog screen is open.
Use CWE-79, Barracuda Networks vendor hub and Barracuda Spam Firewall product page to widen CVE-2007-5058 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2007-1673, CVE-2007-1669 and CVE-2006-4081 for nearby disclosures in the same product family. Additional editorial context is available in Why “Low” and “Medium” CVEs Still Breach Networks.