Mike Anderson

1 exploit Active since Jul 2015
CVE-2015-5460 WRITEUP WRITEUP
Snorby 2.6.2 - Stored Cross-Site Scripting via Classification Title
Cross-site scripting (XSS) vulnerability in app/views/events/_menu.html.erb in Snorby 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the title (cls.name variable) when creating a classification.