2 matches found
Tenable Nessus < 7.1.0 Multiple Vulnerabilities (TNS-2018-05)
According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 7.1.0. It is, therefore, affected by multiple vulnerabilities: - Tenable Nessus contains a flaw that allows a stored cross-site scripting XSS attack. This flaw exists because the program...
CVE-2018-1148
Nessus before 7.1.0 is vulnerable to a session fixation flaw caused by insufficient session management. An authenticated attacker could hijack a user session after a password change by leveraging an existing session ID. The connected sources confirm the affected product (Tenable Nessus), the vuln...