3 matches found
JVN#87760109: Nessus vulnerable to cross-site scripting
Nessus provided by Tenable Network Security, Inc. contains a stored cross-site scripting vulnerability CVE-2017-2122. An authenticated user may store crafted contents to Nessus. According to the developer, another stored cross-site scripting vulnerability CVE-2017-5179 was found and fixed in Ness...
CVE-2017-5179
CVE-2017-5179 is a stored XSS vulnerability in Tenable Nessus prior to 6.9.3. An authenticated user can inject arbitrary script/HTML into Nessus pages, potentially causing the victim’s browser to execute code in the context of the logged-in user. Affected product/version: Nessus before 6.9.3. Roo...
KLA10926 Cross-site scripting vulnerability in Tenable Nessus
Cross-site scripting vulnerability was found in Tenable Nessus. By exploiting this vulnerability malicious users can inject HTML code or arbitrary web script. This vulnerability can be exploited remotely via unspecified vectors. Original advisories Nessus 6.9.3 Release Notes Related products Ness...