Learn Search

Search across all Learn content

← Back to Security Research

CVE-2014-2526: BarracudaDrive Multiple XSS Vulnerabilities

SecPod Research Team member (Prabhu S Angadi) has found Multiple Cross-Site Scripting Vulnerability in BarracudaDrive. The vulnerability is caused by improper validation of various parameters in various pages. This may allow an attacker to steal cookie-based authentication credentials, compromise th...

Mar 6, 2014By Veerendra GG1 min read

SecPod Research Team member (Prabhu S Angadi) has found Multiple Cross-Site Scripting Vulnerability in BarracudaDrive. The vulnerability is caused by improper validation of various parameters in various pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data.

Complete Advisory information can be found here.

Advisory in CVRF format can be found here.

plaintext
Coordinated Vulnerability Disclosure
- 24/02/2014 Issue Discovered
- 07/03/2014 Vendor Notified
- 07/03/2014 Vendor Responded
- 13/03/2014 Vendor Solution
- 17/03/2014 Advisory Released

Welcome any feedback or suggestions.

Cheers!
SecPod Research Team

CVE-2014-2526: BarracudaDrive Multiple XSS Vulnerabilities | SecPod