CVE-2015-5460 in Snorby
Summary
Cross-site scripting (XSS) vulnerability in app/views/events/_menu.html.erb in Snorby 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the title (cls.name variable) when creating a classification.
Reservation
07/08/2015
Disclosure
07/08/2015
Entries
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerability | CWE | Exp | Cou | CVE |
|---|---|---|---|---|---|
| 76349 | Snorby _menu.html.erb cross site scripting | 79 | Not defined | Official fix | CVE-2015-5460 |