PT-2019-16778 · Tenable · Nessus
Published
2019-02-11
·
Updated
2019-02-12
·
CVE-2019-3923
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Nessus versions 8.2.1 and earlier
Description
The issue is due to improper validation of user-supplied input, leading to a stored XSS vulnerability. An authenticated, remote attacker could exploit this via a specially crafted request to execute arbitrary script code in a user's browser session.
Recommendations
For Nessus versions 8.2.1 and earlier, update to Nessus 8.2.2 to address this issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nessus