Barracuda Networks Web Security Flex Multiple HTML Injection Vulnerabilities
Release date:
Updated on:
Affected Systems:
Barracuda Networks Web Security flex4.1
Description:
--------------------------------------------------------------------------------
Bugtraq id: 69384
Barracuda Networks Web Security Flex provides cloud-based malware protection, application control, and Web filtering services.
Web Security Flex 4.1 and other versions have multiple HTML Injection Vulnerabilities. After successful exploitation, attackers can run HTML and script code in the context of the affected browser to steal cookie authentication creden, control the website appearance.
<* Source: Benjamin Kunz Mejri
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Barracuda Networks
------------------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://barracuda.optrics.com/flex.aspx
This article permanently updates the link address: