CVE-2024-1891

A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page.
References
Link Resource
https://www.tenable.com/security/tns-2024-10 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:tenable:security_center:*:*:*:*:*:*:*:*

History

23 Aug 2024, 16:05

Type Values Removed Values Added
First Time Tenable
Tenable security Center
CPE cpe:2.3:a:tenable:security_center:*:*:*:*:*:*:*:*
References () https://www.tenable.com/security/tns-2024-10 - () https://www.tenable.com/security/tns-2024-10 - Vendor Advisory
CVSS v2 : unknown
v3 : 3.5
v2 : unknown
v3 : 5.4

13 Jun 2024, 18:36

Type Values Removed Values Added
Summary
  • (es) Existe una vulnerabilidad de cross-site scripting almacenado en Tenable Security Center donde un atacante remoto autenticado podría inyectar código HTML en la página de resultados del análisis de una aplicación web.

12 Jun 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-12 16:15

Updated : 2024-08-23 16:05


NVD link : CVE-2024-1891

Mitre link : CVE-2024-1891

CVE.ORG link : CVE-2024-1891


JSON object : View

Products Affected

tenable

  • security_center
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')