CVE-2016-9261

Name of the Vulnerable Software and Affected Versions Tenable Log Correlation Engine versions prior to 4.8.1

Description The issue allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, which is a cross-site scripting (XSS) vulnerability.

Recommendations For versions prior to 4.8.1, update to version 4.8.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the web interface to minimize the risk of exploitation.