A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution of remote arbitrary scripts.
References
Link | Resource |
---|---|
https://www.tenable.com/security/tns-2024-01 | Vendor Advisory |
Configurations
History
14 Feb 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 | |
CPE | cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:* | |
References | () https://www.tenable.com/security/tns-2024-01 - Vendor Advisory | |
First Time |
Tenable
Tenable nessus |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.8 |
07 Feb 2024, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-07 00:15
Updated : 2024-02-28 20:54
NVD link : CVE-2024-0955
Mitre link : CVE-2024-0955
CVE.ORG link : CVE-2024-0955
JSON object : View
Products Affected
tenable
- nessus