CVE-2011-5249
SNARE for Linux (older than 1.7.0) contains a cross-site scripting (XSS) vulnerability in the web interface that serves the events/logs. The issue arises because user-supplied data from logged shell commands is not validated before rendering in the browser, allowing an attacker to inject arbitrar...