3 matches found
CVE-2023-24494
A stored cross-site scripting XSS vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user...
CVE-2023-24494
Tenable.sc versions prior to 6.0.0 are affected by a stored XSS vulnerability (CVE-2023-24494) due to improper validation of user-supplied input. An authenticated attacker can entice a user to click a crafted URL, causing script execution in the user’s browser session. The issue is rooted in inpu...
[R2] Tenable.sc 6.0.0 Fixes Multiple Vulnerabilities
R2 Tenable.sc 6.0.0 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 01/24/2023 - 11:16 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components libcurl was found to contain vulnerabilities, and updated versions have been made available...