Lucene search
TenableCVELIST:CVE-2018-1147HistoryMay 18, 2018 - 10:00 p.m.
CVE-2018-1147
2018-05-1822:00:00
tenable
www.cve.org
12
In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator allowing for the execution of arbitrary script code in a user’s browser session. In other scenarios, XSS could also occur by altering variables from the Advanced Settings.
CNA Affected
[
{
"product": "Tenable Nessus",
"vendor": "Tenable",
"versions": [
{
"status": "affected",
"version": "All versions prior to 7.1.0"
}
]
}
]Related
prion
prion
Input validation
2018-05-18 22:29:00
nvd
nvd
CVE-2018-1147
2018-05-18 22:29:00
cve
cve
CVE-2018-1147
2018-05-18 22:29:00
jvn
jvn
JVN#96954395: Nessus vulnerable to cross-site scripting
2018-05-21 00:00:00
tenable
tenable
[R1] Nessus 7.1.0 Fixes Multiple Vulnerabilities
2018-05-15 13:59:11
nessus
nessus
Tenable Nessus < 7.1.0 Multiple Vulnerabilities (TNS-2018-05)
2018-05-24 00:00:00
openvas
openvas
Tenable Nessus Multiple Vulnerabilities (TNS-2018-05)
2018-05-21 00:00:00