10 matches found
EUVD-2015-5416
Malware in sbrugna...
-------------------------------------------------------- Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability -------------------------------------------------------- Vendor ------ https://www.snorby.org/ Version ------- 2.6.2 Descriptio
-------------------------------------------------------- Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability -------------------------------------------------------- Vendor ------ https://www.snorby.org/ Version ------- 2.6.2 Description ----------- Found another Stored Cross-site Scripting...
Snorby 'view.html.erb' HTML Injection Vulnerability
Snorby is a set of Ruby on Rails based on the Ruby language open source web application framework for network security monitoring web applications . Snorby suffers from an HTML injection vulnerability that could be exploited by an attacker to cause the browser to execute arbitrary HTML or script...
Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability
-------------------------------------------------------- Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability -------------------------------------------------------- Vendor ------ https://www.snorby.org/ Version ------- 2.6.2 Description ----------- During my research and testing of new IDS...
Snorby 'menu.html.erb' HTML Injection Vulnerability
Snorby is a set of Ruby on Rails based on the Ruby language open source web application framework for network security monitoring web applications . An HTML injection vulnerability exists in Snorby that stems from the program failing to adequately filter user-submitted input. When a user browses...
CVE-2015-5460
Cross-site scripting XSS vulnerability in app/views/events/menu.html.erb in Snorby 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the title cls.name variable when creating a classification...
Cross site scripting
Cross-site scripting XSS vulnerability in app/views/events/menu.html.erb in Snorby 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the title cls.name variable when creating a classification...
CVE-2015-5460
Cross-site scripting XSS vulnerability in app/views/events/menu.html.erb in Snorby 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the title cls.name variable when creating a classification...
CVE-2015-5460
Snorby 2.6.2 is affected by an HTML/XSS vulnerability in the server-side template app/views/events/_menu.html.erb. The issue allows remote attackers to inject arbitrary HTML/script via the title (cls.name) field when creating a classification, due to insufficient input handling. The vulnerability...
Snorby 2.6.2 Cross Site Scripting
-------------------------------------------------------- Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability -------------------------------------------------------- Vendor ------ https://www.snorby.org/ Version ------- 2.6.2 Description ----------- During my research and testing of new IDS...