N/A

Cross-site scripting (XSS) vulnerability in the events page in the System iNtrusion Analysis and Reporting Environment (SNARE) for Linux agent before 1.7.0 allows remote attackers to inject arbitrary web script or HTML via a logged shell command.

N/A

N/A

System iNtrusion Analysis and Reporting Environment for Linux Agent 跨站脚本漏洞

System iNtrusion Analysis and Reporting Environment（SNARE）是一套用于Linux代理中的事件日志审核管理工具，它支持将多种服务的日志收集起来以便于集中分析审计。SNARE for Linux agent是一个用于Linux系统中的日志收集代理。 SNARE for Linux Agent 1.5.1及之前版本的Web页面存在跨站脚本漏洞。远程攻击者可借助记录的shell命令利用该漏洞注入任意Web脚本或HTML。

N/A

N/A