CVE-2017-9387
CVE-2017-9387 affects Vera VeraEdge 1.7.19 and Veralite 1.7.481. A shell script (relay.sh) creates SSH relays and logs all parameters to /tmp/log.relay; a companion log.sh reads those logs. Logs are served as text/html and processed by ansi2html, allowing an attacker to store an XSS payload in th...